I'm trying to use the terminal version of mcrypt but I haven't success...
I writed:
mcrypt -a xtea -m ecb -k "qawsedrftgyhujik" test > testresult
where:
xtea is the algorithm
ecb is the mode
qawsedrftgyhujik is the 128bits key
test is the source file
testresult is the target file
The program gets freeze and I have to abort with ctl+c. Does anyone knows why?
you have to enter your text and press ctrl+d on a new line to terminate the input, then it should work
edit: the problem is that -k takes multiple arguments (man mcrypt):
mcrypt [ -dLFubhvrzp ] [-a algorithm] [-c config_file] [-m mode] [-s keysize] [-o keymode] [-k key1 key2 ...] [-f keyfile] [ filename ... ]
so if you want to read from the file test, you can use one of these:
mcrypt -a xtea -k "qawsedrftgyhujik" -m ecb test > testresult # option after -k
cat test | mcrypt -a xtea -m ecb -k "qawsedrftgyhujik" > testresult # pipe
mcrypt -a xtea -m ecb -k "qawsedrftgyhujik" < test > testresult # stdin redirect
Related
I am struggling with some bash script that generates some Environment Variables for me. I am using it in .travis.yml file later.
My encrypted key looks like that:
someRandomCharacters
withNewLine
In Terminal I checked three possibilities.
echo "someRandomCharacters
withNewLine" | openssl enc -aes-128-cbc -a -salt -pass pass:SomePassword -base64 -d
and
echo "someRandomCharacters\nWithNewLine" | openssl enc -aes-128-cbc -a -salt -pass pass:SomePassword -base64 -d
will give me correct output.
echo "someRandomCharactersWithNewLine" | openssl enc -aes-128-cbc -a -salt -pass pass:SomePassword -base64 -d
This one above will return error reading input file
So far so good - I understand why it works like that. But when I try to enter any of abovementioned options - for example like that:
- SOME_ENV=`echo "someRandomCharacters\nWithNewLines" | openssl enc -aes 128-cbc -a -salt -pass pass:SomePassword -base64 -d`
into travis.yml, two last options will return error reading input file and the first one will crash the whole build due to incorrect .yaml syntax.
I've tried to use any of these three above + many more for example with "\n" as special character as I found in examples here on STO. Any of them would return error reading input file and none of them returned me decrypted SOME_ENV into travis. Is there any solution for that? Or maybe my poor experience with BASH and YAML blocks me for seeing obvious mistake?
While it's hard to tell what exactly the problem is given fake data, here are some data points:
dash (the shell you get if you just run sh on modern Linux distros) and bash behave differently in certain cases.
You should never assume that a code snippet runs with bash, because any number of reasons can cause it to be run with sh instead, and it's sometimes hard to tell.
Here's a script containing a \n sequence that works with sh but fails with bash:
$ cat myfile
echo "U2FsdGVkX19EB+D8no\n9+9bnl4dE5H2WbOUSvsGZjK7s=" | openssl enc -aes-128-cbc -a -salt -pass pass:MyPassword -base64 -d
$ sh myfile
My test data
$ bash myfile
error reading input file
If we instead use echo -e, we get the opposite result where dash fails and bash works:
$ cat myfile
echo -e "U2FsdGVkX19EB+D8no\n9+9bnl4dE5H2WbOUSvsGZjK7s=" | openssl enc -aes-128-cbc -a -salt -pass pass:MyPassword -base64 -d
$ sh myfile
error reading input file
$ bash myfile
My test data
This is why POSIX recommends not using echo. If we instead use printf, it works on both:
$ cat myfile
printf "U2FsdGVkX19EB+D8no\n9+9bnl4dE5H2WbOUSvsGZjK7s=\n" | openssl enc -aes-128-cbc -a -salt -pass pass:MyPassword -base64 -d
$ sh myfile
My test data
$ bash myfile
My test data
However, the line feed sequence in the middle is optional for openssl, and can just be removed (even though you seem to say that this doesn't work: maybe you removed the \ but not the n?)
$ cat myfile
echo "U2FsdGVkX19EB+D8no9+9bnl4dE5H2WbOUSvsGZjK7s=" | openssl enc -aes-128-cbc -a -salt -pass pass:MyPassword -base64 -d
$ sh myfile
My test data
$ bash myfile
My test data
I'm having trouble getting the check_snmp plugin to connect and return values. I'm running CentOS7, Nagios 4.0.8, check_snmp 2.0.3. While can snmpget and snmpwalk from the command line, check_snmp fails. Here are some examples...
snmpget:
# snmpget -v 3 -u myuser -x aes -X mypasswd -a md5 -A mypasswd -c Public -l AuthPriv 111.222.333.111 sysUpTime.0
...returns...
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (10475998) 1 day, 5:05:59.98
snmpwalk:
# snmpwalk -v 3 -u myuser -x aes -X mypasswd -a md5 -A mypasswd -c Public -l AuthPriv 111.222.333.111 sysUptime
...returns...
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (10473493) 1 day, 5:06:10.93
check_snmp:
/usr/lib64/nagios/plugins/check_snmp -H 111.222.333.111 -o sysUpTime.0 -P 3 -l AuthPriv -U myuser -A mypasswd -a md5 -X mypasswd -x aes
...returns...
External command error: Error in packet
Reason: authorizationError (access denied to that object)
Failed object: DISMAN-EVENT-MIB::sysUpTimeInstance
When I run check_snmp with verbose on, I get...
/usr/bin/snmpget -Le -t 1 -r 5 -m ALL -v 3 [authpriv] 156.128.2.250:161 sysUpTime.0
check_snmp is clearly not constructing the snmpget command with the args that are being passed to it. I'm at a loss for why.
The syntax is a little different for check_snmp sec level. Try:
-L authPriv
instead of:
-l AuthPriv
You can confirm this by invoking the help of the plugin with -h:
./check_snmp -h
check_snmp v2.0.3 (nagios-plugins 2.0.3)
...
-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]
...
I am trying to make some workaround to solve a problem.
We have a gtk+ program that call a bash script who calls rdesktop.
In a machine, we discover that the rdesktop call need on extra parameter...
Since i didnt write anything of this code, and i can modify the GTK part of the problem, i can only edit the bash script that make the middle call between the calls.
i have a variable called CMD with something that look like:
rdesktop -x m -r disk:USBDISK=/media -r disk:user=/home/user/ -r printer:HP_Officejet_Pro_8600 -a 16 -u -p -d -g 80% 192.168.0.5
i need to "live edit" this line for when the printer parameter exists, it append ="MS Publisher Imagesetter" after the printer name.
The best i accompplish so far is
ladb#luisdesk ~ $ input="rdesktop -x m -r disk:USBDISK=/media -r disk:user=/home/user/ -r printer:HP_Officejet_Pro_8600 -a 16 -u -p -d -g 80% 192.168.0.5"
ladb#luisdesk ~ $ echo $input | sed s/'printer:.*a /=\"MS Publisher Imagesetter\" '/
Which return me:
rdesktop -x m -r disk:USBDISK=/media -r disk:user=/home/user/ -r ="MS Publisher Imagesetter" 16 -u -p -d -g 80% 192.168.0.5
Almost this, but i need to append the string, not replace it.
help?
Edit: i pasted incomplete exemples. fixed
Edit2:
With the help of who respond, i end up with
echo "$input" | sed 's/\(printer:\)\([^ ]*\)/\1\2="MS Publisher Imagesetter"/'
If you want the output to look like:
rdesktop -x m -r disk:USBDISK=/media -r disk:user=/home/user/ -r printer:"HP_Officejet_Pro_8600 MS Publisher Imagesetter" -a 16 -u -p -d -g 80% 192.168.0.5
This sed will do, it matches the printer: part first then the existing printer name and quotes both, if not you can adjust the replacement
variables to put the quotes/spacing where you want:
input="rdesktop -x m -r disk:USBDISK=/media -r disk:user=/home/user/ -r printer:HP_Officejet_Pro_8600 -a 16 -u -p -d -g 80% 192.168.0.5"
echo "$input" | sed 's/\(printer:\)\([^ ]*\)/\1"\2 MS Publisher Imagesetter"/'
output:
rdesktop -x m -r disk:USBDISK=/media -r disk:user=/home/user/ -r printer:"HP_Officejet_Pro_8600 MS Publisher Imagesetter" -a 16 -u -p -d -g 80% 192.168.0.5
You can use this:
sed 's/printer:[^=]\+=/\0 "MS Publisher Imagesetter"/' <<< "$input"
The \0 in the replacement pattern outputs the match itself.
What is the proper way to convey the notion of "one or more of the following option flags must be present -a -b -c" in a bash usage message?
(Details on similar problems/solutions, to show my current attempts follow.)
I know how to specify a required argument:
usage: ./my_script.sh arg_matey.html
I also know how to specify an optional argument such as -x:
usage: ./my_script.sh [-x] marks_the_spot.py
I even know how to make mutually exclusive optional arguments:
usage: ./my_script.sh [-p | -i | -r | -a | -t | -e] walk_the_plank.txt
But no combination of those seems to satisfy the notion of 1+ option from a list must be used.
Consider using a multi line usage statement.
usage: ./my_script.sh flag walk_the_plank.txt
Flags: [-p | -i | -r | -a | -t | -e]
I would like to create script, which simply runs ssh-keygen -t rsa. But how to pass to it 3 times enter?
Try:
ssh-keygen -t rsa -N "" -f my.key
-N "" tells it to use an empty passphrase (the same as two of the enters in an interactive script)
-f my.key tells it to store the key into my.key (change as you see fit).
The whole thing runs without you needing to supply any enter keys :)
To send enters to an interactive script:
echo -e "\n\n\n" | ssh-keygen -t rsa
a version with passphrase is:
$ ssh-keygen -t rsa -b 4096 -C "comment" -P "examplePassphrase" -f "desired pathAndName" -q
the -q is for silent
Source is http://linux.die.net/man/1/ssh-keygen
Agree with Michel Marro except that it needs some more:
If the file already exists, it will still be interactive asking if it has to overwrite it.
Use the answer of this question.
yes y | ssh-keygen -q -t rsa -N '' >/dev/null
The redirection to null is necessary to silence the overwrite message.
It is recommended to use ed25519 for security and performance.
yes "y" | ssh-keygen -o -a 100 -t ed25519 -C "Bla Bla" -f /mypath/bla -N ""
here
-o OpenSSH key format instead of older PEM (needs OpenSSH 6.5+)
-a Number of primality test while screening DH-GEX candidates
-t Type of key (ed25519, RSA, DSA etc.)
-f /mypath/bla The output file path and name
-N "" Use empty passphase
and yes "y" for no interaction.
It will generate two files
/mypath/bla
/mypath/bla.pub
where the bla file is private and bla.pub is public.
echo -e "\n"|ssh-keygen -t rsa -N ""