These cookbooks' purpose is to demonstrate decryption of strings that were encrypted with a nodes/clients public key.
Moreover the openssldemo default recipe now also supports encrypting
stuff for other clients. In the version in this repository it will
encrypt something for the chef-webui user. To have your node encrypt
something for you, just exchange chef-webui by your client name,
copy the output of the file /tmp/decryptme to your workstation and
run the accompanying ./decrypt.rb PATH_TO_YOUR_CLIENT_PRIVATEKEY_FILE PATH_TO_ENCRYPTED_FILE.
You need an encrypted attribute value, which you can create by running
knife node secret add NODE PLAINTEXT ATTRIBUTE.
Of course you need the node_secret.rb knife plugin first. Put it in ~/.chef/plugins/knife.
knife node secret add NODE PLAINTEXT openssldemo
knife node show NODE -a openssldemo
knife node run_list add NODE 'recipe[openssldemo]'
ssh NODE chef-client
ssh NODE cat /tmp/itworks
ssh NODE cat /tmp/decryptme > ~/messageforyou
./decrypt.rb PATH_TO_webui.pem ~/messageforyou