I'm trying to follow this answer, which suggesting running this command:
sudo bash -c "echo -n | openssl s_client -showcerts -connect $hostname:$port -servername $hostname \
2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \
>> $trust_cert_file_location"
But I'm getting:
syntax error near unexpected token `newline'
Now, I've figured out that it's probably because of either the > or >> operators in the command. I've found answers saying to escape such characters with quotes, but they all talk about cases when the '>' characters are a part of a simple text. What to do when it's an actual operator like in my case?
Assuming you are coping some white spaces after the \.
Suggesting to remove the new line separator:
sudo bash -c "echo -n | openssl s_client -showcerts -connect $hostname:$port -servername $hostname 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> $trust_cert_file_location"
Suggesting to test if you get all certificates or just the first one.
Related
I was following this link to stream data from mysql to kafka topic in my ubuntu machine. There, in
Kafka Connect setup topic, when I run to check if my connectors are running with this(as suggested there):
curl -s "http://localhost:8083/connectors" | jq '.[]' | xargs -I mysql-connector curl -s "http://localhost:8083/connectors/mysql-connector/status" | jq -c -M '[.name,.connector.state,.tasks[].state] | \
join(":|:")'| column -s : -t| sed 's/\"//g'| sort
I got this error:
jq: error: syntax error, unexpected INVALID_CHARACTER (Unix shell
quoting issues?) at , line 1:
[.name,.connector.state,.tasks[].state] | \
jq: 1 compile error (23) Failed writing body (23) Failed writing body
I am totally stuck. Anyone please help if possible.
N.B.: This is not duplicate question, though question with similar headline exists but problem is different and I have checked them well.
You are abusing \. Use:
curl -s "http://localhost:8083/connectors" |
jq '.[]' |
xargs -I mysql-connector curl -s "http://localhost:8083/connectors/mysql-connector/status" |
jq -c -M '[.name,.connector.state,.tasks[].state] |
join(":|:")' |
column -s : -t |
tr -d \" |
sort
It might be cleaner to put the jq all on one line, but the key point is that if you try to escape the newline inside single quotes, you end up with a literal backslash in the jq command that does not belong there.
The following works in bash (/bin/bash):
Code:
echo "U2FsdGVkX198UexvhHEtfC7iLbT3awAfla77fvSjZQJ0LC4GmDMeLOghPWXpyy6e" | openssl aes-128-cbc -a -d -salt -pass file:<( echo -n "toy" )
Fri Sep 15 15:20:01 PDT 2017
But fails when run in sh (/bin/sh):
Code:
echo "U2FsdGVkX198UexvhHEtfC7iLbT3awAfla77fvSjZQJ0LC4GmDMeLOghPWXpyy6e" | openssl aes-128-cbc -a -d -salt -pass file:<( echo -n "toy" )
sh: 15: Syntax error: "(" unexpected
is there a way around this?
As you can see here, i'm using a named pipe for the password and id like to continue doing that. I just need this (or a very close variation of it) to work in /bin/sh.
OS: All Unix flavors.
You can use a named pipe explicitly:
mkfifo passwd
printf '%s' "toy" > passwd &
echo "U2FsdGVkX198UexvhHEtfC7iLbT3awAfla77fvSjZQJ0LC4GmDMeLOghPWXpyy6e" |
openssl aes-128-cbc -a -d -salt -pass file:passwd
rm passwd
I want to encode randomly generated token with aes-256-cbc in bash. When I write this code in shell:
echo -n 8724eb94-ff8f-441e-81a7-bc4282f7c342 | openssl enc -a -e -aes-256-cbc -nosalt -pass pass:fzJKp5/vYUWZUZ1hVSXycdmskKcSNtmZoFhPv5UtWGuoV9yH61JCjKzXUWmRCJJ9FITOi66ANSDpBJZKjrRFjA==
I get: HdkTpAnsJ+bHi0DggaQq3iJMh0mrgcohOiJDeGzpqLFdvZUEXaD3YBEqGa4rBB7Y - and it is the same as in Node.js crypto module.
But! When I write this code in bashscript:
hash=$(echo -n 8724eb94-ff8f-441e-81a7-bc4282f7c342 | openssl enc -a -e -aes-256-cbc -nosalt -pass pass:fzJKp5/vYUWZUZ1hVSXycdmskKcSNtmZoFhPv5UtWGuoV9yH61JCjKzXUWmRCJJ9FITOi66ANSDpBJZKjrRFjA==);
echo ${hash}
I get alphrNunU02O4Xxw+qVgaEEaZGTrdGenvgsGnt0lczOkGKX5l6rAQTY3EJ8VA0iB and I have no idea why and where is bug. I have tried using ``, but with same wrong encoded value.
I have never write anything in bash, so I have no idea about some "tricks".
Thank you for any answers!
I figured it out. I have using:
'sh script.sh'
to run my script. But when I have done this:
'bash script.sh'
everything works perfectly. I have no idea why (yet) and now I will look for answer for 'What is thy difference between 'sh' and 'bash' '.
Thank you for some suggestions!
I have the following command.
openssl s_client -connect my.site.com:443
This connects, so then I type the following:
GET /ws/map/v1/search.wsdl HTTP/1.1
Host: my.site.com
This returns the xml I'm looking for from the wsdl.
However, I'm finding it hard to script it to run as one job.
#!/bin/bash
echo 'openssl s_client -connect my.site.com:443'
echo 'GET /ws/map/v1/search.wsdl HTTP/1.1
Host: my.site.com'
while read x
do
echo "$x"
done
Is there something i'm missing here when trying to send this command to the ssl console, and have it read to a var that I can work with??
Thanks much!
Ben
okay, so now I have script 1 which has the following.
#!/bin/bash
openssl s_client -connect my.site.com:443
and script 2 does
#!/bin/bash
echo 'GET /ws/map/v1/search.wsdl HTTP/1.1'
echo 'Host: my.site.com'
while read x
do
echo "$x"
done
and when I type
script1.sh | script2.sh
and I get : bad interpreter: A file or directory in the path name does not exist.
any ideas?
Got it!
:)
echo -e "GET /ws/map/v1/search.wsdl HTTP/1.1\nHost: my.site.com\n\n" | openssl s_client -connect my.site.com:443 -ign_eof
Really hope this helps someone going forward.
Hey guys I am trying to figure out a way to time out a variable if it goes past X time trying to get contents, this is based on touching a server to verify it has SSL. If the server doesn't respond in X seconds I would like to just set the variable as empty (or set some other flag if possible)
What I am using is
response=$(echo ^D |openssl s_client -connect ${line}:443 2> /dev/null |openssl x509 -noout -hash |grep -E '^[[:xdigit:]]{8}')
where $line is baidu.com for now
I tried something like this
( cmdpid=$BASHPID;
( sleep 10; kill $cmdpid; echo -e "\n\t$line missed window, terminating...\n"
) & exec response=$(echo ^D |openssl s_client -connect ${line}:443 2> /dev/null |openssl x509 -noout -hash |grep -E '^[[:xdigit:]]{8}')
)
But realized several issues, such as A) I am in a subshell and cannot get my variable out, B) I am trying to run response=#hash and returning errors etc
What would the best way to run a timeout on capturing my variable?
Thanks
IFS= read -t 10 -d '' variable < <(yourcommand)
e.g.
IFS= read -t 10 -d '' response < <(echo ^D |openssl s_client -connect ${line}:443 2> /dev/null |openssl x509 -noout -hash |grep -E '^[[:xdigit:]]{8}')