I am writing a Bash script to make LUKS encryption user friendly and to make the process faster while still allowing control of the arguments.
My current code:
#!/usr/bin/env bash
## Ask user for device.
echo "Device:"
read device
## Ask user for cipher.
echo "Available ciphers:"
echo "AES [0]"
echo "Serpent [1]"
echo "Twofish [2]"
echo "Cipher:"
read cipherin
if [[ $cipherin == "0" ]]; then
[[ $cipher == "aes-xts-plain64" ]]
elif [[ $cipherin == "1" ]]; then
[[ $cipher == "serpent-xts-plain64" ]]
elif [[ $cipherin == "2" ]]; then
[[ $cipher == "twofish-xts-plain64" ]]
else echo "Invalid choice."
fi
## Ask user for key length.
echo "Available key lengths (bits):"
echo "128 [0]"
echo "256 [1]"
echo "Key length:"
read keyin
if [[ $keyin == "0" ]]; then
[[ $key == "256" ]]
elif [[ $keyin == "1" ]]; then
[[ $key == "512" ]]
else echo "Invalid choice."
fi
## Ask user for hash.
echo "Available hashes:"
echo "SHA-1 [0]"
echo "SHA-256 [1]"
echo "SHA-512 [2]"
echo "Whirlpool [3]:"
echo "Hash:"
read hashin
if [[ $hashin == "0" ]]; then
[[ $hash == "sha1" ]]
elif [[ $hashin == "1" ]]; then
[[ $hash == "sha256" ]]
elif [[ $hashin == "2" ]]; then
[[ $hash == "sha512" ]]
elif [[ $hashin == "3" ]]; then
[[ $hash == "whirlpool" ]]
else echo "Invalid choice."
fi
## Ask user for PBKDF.
echo "Available PBKDFs:"
echo "argon2i [0]"
echo "argon2id [1]"
echo "pbkdf2 [2]"
read pbkdfin
if [[ $pbkdfin == "0" ]]; then
[[ $pbkdf == "argon2i" ]]
elif [[ $pbkdfin == "1" ]]; then
[[ $pbkdf == "argon2id" ]]
elif [[ $pbkdfin == "2" ]]; then
[[ $pbkdf == "pbkdf2" ]]
else echo "Invalid choice."
fi
## Ask user for iteration time.
echo "Iteration time (ms):"
read iteration
## Encrypt drive using LUKS.
echo "Encrypting..."
sudo cryptsetup --type luks2 -c ${cipher} -h ${hash}\
-i ${iteration} -s ${key} --pbkdf ${pbkdf} --use-urandom\
-y luksFormat ${device}
The command fails with "cryptsetup: invalid numeric value". I enter 2000 into the iterations, which is default, so I know the number of interations is not the issue.
I have used https://shellcheck.net with no positive outcome; I am confused by the results.
In the first if we want the hostname to appear, which is the 5th field from a file. Then if the IP we give to the host command does not exist, then the command returns message 3 (NXDOMAIN). The script should recognize if the command was "not found". In this case it will
must simply print (-).
#!/bin/bash
ip="$1"
if [ "$ip" ] ; then
host "$ip" | cut -d' ' -f5
elif
[[ "$ip" =~ "[3(NXDOMAIN)]$" ]] ; then
echo "-"
fi
Do u have any solution on this exercise?
You're not testing the result of the host command, you're testing the value of the original $ip variable.
Save the output to a variable, test that variable, then either print the output or - depending on the test.
You don't need to do a regexp match, just match the exact string.
#!/bin/bash
ip="$1"
if [ "$ip" ] ; then
result=$(host "$ip" | cut -d" " -f5)
if [[ $result = "3(NXDOMAIN)" ]] ; then
echo "-"
else
echo "$result"
fi
fi
The answer is much simpler than you think, you don't need to do any matching. You can just use the return code from host
#!/bin/bash
ip="$1"
if domain=$(host "$1"); then
echo "${domain##* }"
else
echo "-"
fi
Proof of Concept
$ testHost(){ if domain=$(host "$1"); then echo "${domain##* }"; else echo "-"; fi }
$ testHost 172.217.6.46
sfo03s08-in-f14.1e100.net.
$ testHost 172.217.6.466
-
#!/bin/bash
if [ -n "$1" ] && [[ $1 =~ ^[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+$ ]] ;then
res=$(host "$1" | cut -d' ' -f5)
if [ "$res" != "3(NXDOMAIN)" ]; then
echo "$res"
else
echo "-"
fi
else
echo "please enter a valid ip"
fi
if you want to cover also ipv6 then I think this will cover it
#!/bin/bash
# ipv4
if [[ $1 =~ ^([[:digit:]]{1,2}|1[[:digit:]][[:digit:]]|2[0-4][[:digit:]]|25[0-5])\.([[:digit:]]{1,2}|1[[:digit:]][[:digit:]]|2[0-4][[:digit:]]|25[0-5])\.([[:digit:]]{1,2}|1[[:digit:]][[:digit:]]|2[0-4][[:digit:]]|25[0-5])\.([[:digit:]]{1,2}|1[[:digit:]][[:digit:]]|2[0-4][[:digit:]]|25[0-5])$ ]]; then
res=`host "$1" | cut -d' ' -f5`
if [ "$res" != "3(NXDOMAIN)" ]; then
echo "$res"
else
# valid ipv4 IP but not connected
echo "-"
fi
# ipv6
elif [[ $1 =~ ^(([[:xdigit:]]{1,4}:){7,7}[[:xdigit:]]{1,4}|([[:xdigit:]]{1,4}:){1,7}:|([[:xdigit:]]{1,4}:){1,6}:[[:xdigit:]]{1,4}|([[:xdigit:]]{1,4}:){1,5}(:[[:xdigit:]]{1,4}){1,2}|([[:xdigit:]]{1,4}:){1,4}(:[[:xdigit:]]{1,4}){1,3}|([[:xdigit:]]{1,4}:){1,3}(:[[:xdigit:]]{1,4}){1,4}|([[:xdigit:]]{1,4}:){1,2}(:[[:xdigit:]]{1,4}){1,5}|[[:xdigit:]]{1,4}:((:[[:xdigit:]]{1,4}){1,6})|:((:[[:xdigit:]]{1,4}){1,7}|:)|fe80:(:[[:xdigit:]]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[[:digit:]]){0,1}[[:digit:]])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[[:digit:]]){0,1}[[:digit:]])|([[:xdigit:]]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[[:digit:]]){0,1}[[:digit:]])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[[:digit:]]){0,1}[[:digit:]]))$ ]]; then
res=`host "$1" | cut -d' ' -f5`
if [ "$res" != "3(NXDOMAIN)" ]; then
echo "1. $res"
else
# valid ipv6 IP but not connected
echo "2. -"
fi
else
echo "Please enter a valid IP"
fi
Note: For some versions of bash the -4 and -6 options do not work.
Thanks to Léa Gris for pointing out the locales problem.
Inspired from https://helloacm.com/how-to-valid-ipv6-addresses-using-bash-and-regex/
I'm trying to figure out how to edit this script so it will validate an IP range instead of just one IP, i.e. 192.168.1.0/24.
echo "Target IP Address range or specific IP: "
read IPaddr
#IPv4 Validation
is_ip(){
local ip=$1
if expr "$ip" : '[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*$' >/dev/null;then
for i in 1 2 3 4;do
if [ $(echo "$ip" | cut -d. -f$i) -gt 255 ];then
return 1
fi
done
return 0
else
return 1
fi
}
#Test User-inputted IPv4 Address
is_ip "$IPaddr"
if [[ $? -eq 0 ]]; then
echo "Valid IP address/range"
else
echo "Invalid IPv4"
exit 6
fi
This script seems to do what you want if I've understood your question properly.
#!/bin/bash
locInput="$1"
locIP=${locInput%\/*}
if [[ $locInput = #(*/*) ]];then
locRange=${locInput#*\/}
fi
function is_ip
{
if [[ $locIP == ?([0-9])+([0-9])\.?([0-9])+([0-9])\.?([0-9])+([0-9])\.?([0-9])+([0-9]) ]]; then
locVerif=(${locIP//./ })
for i in ${locVerif[*]}; do
if [[ $i -lt 0 || $i -gt 255 ]]; then
return 1
fi
done
if [[ -n $locRange && ($locRange -lt 0 || $locRange -gt 31) ]]; then
return 1
fi
return 0
else
return 1
fi
}
is_ip
if [[ $? -eq 1 ]]; then
echo "Wrong IP/Range"
else
echo "Good IP/Range"
fi
Hope it can help.
I wrote the below script to take input interactively servername and service name. This repeats asking the inputs when y is given as input at the end of the while loop.
key='y';
service='';
serverName='';
while [[ $key == 'y' ]]; do
echo -e "\nEnter serverName : "
read serverName
echo -e "\nEnter Service Name : "
read service
if [[ ! -z "$service" ] && [ ! -z "$serverName" ]]; then
echo -e "startService $serverName $service"
#echo -e " Atleast one input is null"
else
echo -e " Atleast one input is null"
fi
echo -e "Enter y to repeat this step. Enter n to exit :"
read key
done
your while loop condition is wrong correct it like below:-
while [[ '$key' == 'y' ]];
or
while [[ $key == y ]];
I've been playing with bash scripting for 40'ish days with 0 experience so forgive me if my code looks like crap. I have a script that will take the configured NTP servers out of the /etc/ntp.conf file (/root/ntp.conf for testing)
NTPSRVCounter=1
echo "--- NTP Configuration ---"
echo " "
while read -r line; do
if [ $NTPSRVCounter == 1 ] ; then
echo "Primary NTP: $line"
SEDConfiguredNTP1="$(echo $line | sed 's/\./\\./g')"
((NTPSRVCounter++))
echo " "
else
SEDConfiguredNTP2="$(echo $line | sed 's/\./\\./g')"
echo "Secondary NTP: $line"
echo ""
fi
done < <(grep -o -P '(?<=server ).*(?= iburst)' /root/ntp.conf)
And asks you if you want to change it with a case statement:
echo "Do you wish to change it? [Y/n]"
NTPSRVCounter2=1
read opt
case $opt in
Y|y) read -p "Enter in your primary NTP server: " -e -i '0.debian.pool.ntp.org' UserInputNTP1
read -p "Enter in your secondary NTP serer: " -e -i '1.debian.pool.ntp.org' UserInputNTP2
for NTP in "$UserInputNTP1" "$UserInputNTP2" ; do
is_fqdn "$NTP"
if [[ $? == 0 && $NTPSRVCounter2 == 1 ]] ; then
SEDUserInput1=$(echo $UserInputNTP1 | sed 's/\./\\./g')
((NTPSRVCounter2++))
elif [[ $? == 0 && $NTPSRVCounter2 == 2 ]] ; then
SEDUserInput2=$(echo $UserInputNTP2 | sed 's/\./\\./g')
sudo sed -i "s/$SEDConfiguredNTP1/$SEDUserInput1/g" /root/ntp.conf
sudo sed -i "s/$SEDConfiguredNTP2/$SEDUserInput2/g" /root/ntp.conf
else
echo "Fail!!! :-( "
fi
done
;;
N|n) return 0
;;
*) echo "I don't know what happened, but, eh, you're not supposed to be here."
;;
esac
The problem is with the "elif" statement and the function "is_fqdn" on the second run of the function. If I put "bash -x" on the script and run it, I see "is_fqdn" returning 0 on both runs of the function, but the elif statement "$?" is coming up as 1 instead of 0.
The two functions used are below. Have to validate NTP addresses as either valid domain names or I.P. addresses, right? :)
is_fqdn() {
hostname=$1
if [[ "$hostname" =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
valid_ip "$hostname"
elif [[ "$hostname" == *"."* && "$hostname" != "localhost." && "$hostname" != "localhost" ]] ; then
return 0
else
return 1
fi
host $hostname > /dev/null 2>&1 || return 1
}
valid_ip(){
local stat=1
local ip=$1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
OIFS=$IFS
IFS="."
ip=($ip)
IFS=$OIFS
[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 && ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
stat=$?
fi
return "$stat"
}
The condition in your if sets the value of $?, and that is what's used by the condition in the elif part, not the return value of is_fqdn. You need to save the value if you want to use it in multiple places:
is_fqdn "$NTP"
is_fqdn_rv=$?
if [[ $is_fqdn_rv == 0 && $NTPSRVCounter2 == 1 ]] ; then
SEDUserInput1=$(echo $UserInputNTP1 | sed 's/\./\\./g')
((NTPSRVCounter2++))
elif [[ $is_fqdn_rv == 0 && $NTPSRVCounter2 == 2 ]] ; then
SEDUserInput2=$(echo $UserInputNTP2 | sed 's/\./\\./g')
sudo sed -i "s/$SEDConfiguredNTP1/$SEDUserInput1/g" /root/ntp.conf
sudo sed -i "s/$SEDConfiguredNTP2/$SEDUserInput2/g" /root/ntp.conf
else
echo "Fail!!! :-( "
fi