hiding passwords using openssl

How to hide main password on Linux using OpenSSL.

Run this on a web server once.

$ echo "SecretPassword" | openssl enc -aes-256-cbc -md sha512 -a -salt -pass pass:NotSoSecretPassword > secret.txt  
$ chmod 600 secret.txt

On client machine, download the secret file.

$ curl https://webserver/some/dir/secret.txt --output -s secret.txt

To retrieve the secret password, run the code below. For added measure, delete secret.txt file afterwards.

$ cat secret.txt | openssl enc -aes-256-cbc -md sha512 -a -d -salt -pass pass:NotSoSecretPassword
$rm -f secret.txt

In addition, you can rotate the NotSoSecretPassword to make it more secure.