How to Check OpenSSL Version in Linux

OpenSSL is a widely-used toolkit for implementing secure communication over computer networks. It provides a robust, full-featured, open-source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Knowing the version of OpenSSL installed on your Linux system is crucial for ensuring compatibility and security. Here’s a step-by-step guide on how to check the OpenSSL version in Linux.

1. Open Your Terminal

The first step is to open your terminal. You can do this by searching for “Terminal” in your applications menu or by using the keyboard shortcut Ctrl + Alt + T.

2. Check OpenSSL Version

Once you have the terminal open, you can check the OpenSSL version by typing the following command:

openssl version

This command will output the version of OpenSSL installed on your system. For example, you might see something like:

OpenSSL 1.1.1f  31 Mar 2020

This output indicates that version 1.1.1f of OpenSSL, released on March 31, 2020, is installed on your system.

3. Detailed Version Information

If you need more detailed information about the OpenSSL version, including the build date and platform, you can use the -a option with the openssl version command:

openssl version -a

This command will provide a more comprehensive output, including details such as the OpenSSL configuration options, the platform it was built on, and the build date. Here’s an example of what the output might look like:

OpenSSL 1.1.1f  31 Mar 2020
built on: Mon Mar 30 12:34:56 2020 UTC
platform: linux-x86_64
options:  bn(64,64) rc4(16x,int) des(int) blowfish(ptr)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DOPENSSLDIR="/usr/lib/ssl" -DENGINESDIR="/usr/lib/x86_64-linux-gnu/engines-1.1"

4. Using Package Managers

Another way to check the OpenSSL version is by using your Linux distribution’s package manager. This method can be particularly useful if you want to know the version of OpenSSL available in your package repositories.

• For Debian-based systems (like Ubuntu): apt list --installed | grep openssl This command will list the installed OpenSSL package along with its version.
• For Red Hat-based systems (like CentOS or Fedora): rpm -qa | grep openssl This command will display the installed OpenSSL package and its version.
• For Arch-based systems: pacman -Qs openssl This command will show the installed OpenSSL package and its version.

5. Checking OpenSSL Version in Scripts

If you are writing a script and need to check the OpenSSL version programmatically, you can use the openssl version command and parse its output. Here’s an example in Bash:

#!/bin/bash

openssl_version=$(openssl version)
echo "OpenSSL version: $openssl_version"

This script stores the output of the openssl version command in a variable and then prints it.

6. Updating OpenSSL

If you find that your OpenSSL version is outdated, it’s important to update it to ensure you have the latest security patches and features. Here’s how you can update OpenSSL on different Linux distributions:

• For Debian-based systems: sudo apt update sudo apt upgrade openssl
• For Red Hat-based systems: sudo yum update openssl
• For Arch-based systems: sudo pacman -Syu openssl

After updating, you can verify the new version by running the openssl version command again.

7. Conclusion

Checking the OpenSSL version on your Linux system is a straightforward process that can be accomplished using a few simple commands. Whether you use the openssl version command, your package manager, or a script, knowing your OpenSSL version helps ensure your system’s security and compatibility. Regularly updating OpenSSL is also crucial to protect against vulnerabilities and take advantage of new features.