
Securely Decrypting an OpenSSL Encrypted File on a Remote Server Without Exposing Password to Root

Çağlar Arlı


I have an OpenSSL-encrypted file on a remote server that I need to decrypt. However, I don't want the root user on that server to access my decryption password. I understand that using the password directly in the command or storing it in an environment variable could expose it, as system monitoring tools like htop can reveal command history to root users.

I'm considering the following options:

  1. Enter the passphrase interactively in the terminal and pipe it directly into the openssl decrypt command.
  2. Send the passphrase to the remote server as a file and use it to decrypt the file using the openssl decrypt command.
  3. Fetch the passphrase securely from my own web server at runtime and provide it as input to the openssl decrypt command.

Are any of these methods secure against root users snooping on the server? Are there better approaches for securely decrypting the file without exposing the passphrase to the root user?

Constraints:

I cannot hardcode the password in the command or store it in an environment variable.

Root access on the remote server is a concern, and I want to avoid easily exposing sensitive information that could be captured by system monitoring tools.

In bash, for transferring data between commands, is there a more secure alternative to piping? What is the most secure way to handle this situation?

Note: I also have root access to the remote server. I will record all active processes during decryption and ensure that no traces are left in the filesystem afterward.
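The following script is an added example and is not code from the question above. It contrasts the two delivery paths the question is weighing: putting the passphrase in openssl's arguments (`-pass pass:...`), which lands in `/proc/<pid>/cmdline` and is readable by every user on the host through `ps`, not just root; and handing it over an anonymous pipe from a shell builtin (`-pass stdin`), which keeps it out of argv, the environment and the filesystem. It assumes Linux `/proc`, an `openssl` that supports `-pbkdf2` (1.1.1 or later), and uses a constructed passphrase and sample file. The caveat a practitioner should keep in mind: the pipe only removes the cheap exposures; a root user on the same host can still read the passphrase out of the shell's or openssl's memory (`/proc/<pid>/mem`, ptrace), read the pipe through `/proc/<pid>/fd`, or simply copy the decrypted output, so none of the three options in the question defends against a hostile root.

```shell
#!/bin/sh
# Added example, not code from the original question. It contrasts handing
# openssl a passphrase in argv ("-pass pass:...") with handing it over an
# anonymous pipe ("-pass stdin") and shows what /proc/<pid>/cmdline exposes.
# Assumes Linux /proc and an openssl that supports -pbkdf2 (1.1.1 or later).
set -eu

# Encrypt $2 into $3 with passphrase $1. printf is a shell builtin, so the
# passphrase reaches openssl over a pipe: it sits in this shell's and
# openssl's memory, but in nobody's argv, environment or files. An external
# /usr/bin/printf would put it straight back into an argv, so this relies on
# the builtin.
enc_via_pipe() {
    printf '%s\n' "$1" | openssl enc -aes-256-cbc -pbkdf2 -salt \
        -pass stdin -in "$2" -out "$3"
}

# Decrypt $2 and write the plaintext to stdout, same delivery method.
# Exit status is openssl's (non-zero on a wrong passphrase or damaged file).
dec_via_pipe() {
    printf '%s\n' "$1" | openssl enc -d -aes-256-cbc -pbkdf2 \
        -pass stdin -in "$2"
}

# Round trip on constructed sample data; prints the recovered plaintext.
roundtrip_demo() {
    pw='correct horse battery staple'              # constructed passphrase
    tmp=$(mktemp -d)
    printf 'top secret payload\n' > "$tmp/plain"   # constructed sample file
    enc_via_pipe "$pw" "$tmp/plain" "$tmp/plain.enc"
    dec_via_pipe "$pw" "$tmp/plain.enc"
    rm -rf "$tmp"
}

# What "-pass pass:$1" costs: start a stand-in child (sh) with an
# openssl-shaped argv and have it print its own /proc/<pid>/cmdline, which
# is exactly what ps(1) shows every user on the box. The trailing ":" keeps
# the child shell from exec'ing tr, so $$ still names the process that holds
# the passphrase in its argv. Returns 0 if the passphrase is visible there,
# 1 if not, 2 if /proc is unavailable.
argv_visible() {
    [ -r /proc/self/cmdline ] || return 2
    seen=$(sh -c 'tr "\0" " " < /proc/$$/cmdline; :' \
              openssl enc -d -pass "pass:$1")
    case $seen in
        *"$1"*) return 0 ;;
        *)      return 1 ;;
    esac
}

# Stand-alone run, guarded so the file also loads where openssl is absent.
if command -v openssl >/dev/null 2>&1; then
    roundtrip_demo
fi
if argv_visible 'hunter2'; then
    echo 'argv leaks the passphrase: -pass pass:... is readable by everyone'
fi
```

Run it directly to see the round trip succeed and the argv leak reported. The `-pass stdin` path is what option 1 in the question amounts to when the passphrase is typed into a builtin such as `read -s` and piped onward; option 2 writes the passphrase to disk, which is strictly worse, and option 3 ends up in the same pipe (or an environment variable) once the fetch completes, so it gains nothing over option 1 against a local root.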