/ Technical

Decrypting an IPCop 1.4.11 backup key

I was put in the unfortunate position of needing to reload my IPCop.

No problem, I’ll export the backup key, and download the latest backup file to my local machine. This I do, quite easily.

I reloaded the IPCop box, skipped the floppy restore option, thinking I’m going to restore it via the web interface, so it didn’t matter.

Once I could get to the web interface, I accessed the backup option. First thing I realised is that there’s no way to import my saved backup key.

So I tried to import the dat backup anyway. The interface tells me that it can’t decrypt the file.

So what now?

I connected to the IPCop box, and examined the existing backup key. Then I checked my saved backup key. My saved one is encrypted.

I couldn’t find anything via Google. The only references I could find were some people that were copying their backup.key from an old hard disk to a new one. So, I downloaded the IPCop source code, perused a couple of files, and figured out how to decrypt the key.

To make my life easier, I used WinSCP to transfer my saved key to the IPCop box, and then ran the following command:

/usr/bin/openssl enc -a -d -aes256 -salt -pass pass:<yourpasswordhere> -in encrypted.backup.key -out decrypted.backup.key

Once that’s done, simply copy your decrypted.backup.key to the correct place:

cp decrypted.backup.key /var/ipcop/backup/backup.key

Now you can import your saved backup and restore your settings.