Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

OpenID
or
Sign in Register

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

2012-05-20 - test
test
2012-05-20 - test
test
2012-05-20 - test
test
2012-05-20 - Test tweets
YU not working?
Hide

Tags

Hide

Functions

Hide

Credits

Site by David Winterbottom (user root).

Commands tagged openssl

Commands tagged openssl from sorted by
Terminal - Commands tagged openssl - 18 results
regenerateCSR () { openssl genrsa -out $2 2048; openssl x509 -x509toreq -in $1 -out $3 -signkey $2; }
2012-02-17 02:45:26
User: mrnetops
Tags: bash openssl function
0
Up
Down
new ssl key and csr based on a previous ssl certificate
regenerateCSR original.crt new.key new.csr
Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
touch pk.pem && chmod 600 pk.pem && openssl genrsa -out pk.pem 2048 && openssl req -new -batch -key pk.pem | openssl x509 -req -days 365 -signkey pk.pem -out cert.pem
2011-05-11 18:09:33
User: bfreis
Functions: chmod touch
Tags: openssl certificate
1
Up
Down
Generate RSA private key and self-signed certificate

This will create, in the current directory, a file called 'pk.pem' containing an unencrypted 2048-bit RSA private key and a file called 'cert.pem' containing a certificate signed by 'pk.pem'. The private key file will have mode 600.

!!ATTENTION!! ==> this command will overwrite both files if present.

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
echo -n "String to MD5" | md5sum | awk '{print $1}'
2011-03-05 02:37:28
User: twjolson
Functions: awk echo md5sum
Tags: openssl md5
-1
Up
Down
Generate MD5 of string and output only the hash checksum
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
openssl base64 -d < file.txt > out
2010-12-14 00:23:12
User: putnamhill
Tags: openssl
2
Up
Down
Decode base64-encoded file in one line of Perl

Another option is openssl.

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
openssl dgst -sha256 <<<"test"
2010-12-05 17:34:06
User: dramaturg
Tags: openssl hash
1
Up
Down
Generate hash( of some types) from string

No need to install yet another program when openssl is already installed. :-)

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
echo $(openssl rand 4 | od -DAn)
2010-11-09 14:55:39
User: putnamhill
Functions: echo od
Tags: openssl random
12
Up
Down
Random unsigned integer
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
macchanger --random interface
2010-09-26 11:12:31
User: JulianTosh
Tags: sed openssl
-3
Up
Down
Generate a Random MAC address

macchanger will allow you to change either 1) mfg code, 2) host id, or 3) all of the above. Use this at wifi hotspots to help reduce profiling.

Show sample output | Comments (2) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
openssl rand -hex 6 | sed 's/\(..\)/\1:/g; s/.$//'
2010-09-23 02:31:12
User: putnamhill
Functions: sed
Tags: sed xxd openssl
9
Up
Down
Generate a Random MAC address

Use the following variation for FreeBSD:

openssl rand 6 | xxd -p | sed 's/\(..\)/\1:/g; s/:$//'
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
for crt in $(locate -r '.+\.crt' | grep -v "/usr/share/ca-certificates/"); do ls -la $crt; done
2010-08-23 12:22:48
User: udog
Functions: grep locate ls
Tags: openssl locate
0
Up
Down
Find all relevant certificates (excluding some dirs) and list them each

Finds all cert files on a server and lists them, finding out, which one is a symbolic link and which is true.

You want to do this when a certificate expires and you want to know which files to substitute with the new cert.

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
openssl base64 -in base64.decoded.txt -out base64.encoded.txt
2010-08-13 20:39:10
User: argherna
Tags: macosx openssl base64
2
Up
Down
Encode/Decode text to/from Base64 on a Mac w/out Mac Ports

I have a mac, and do not want to install mac ports to get the base64 binary. Using openssl will do the trick just fine. Note, to decode base64, specify a '-d' after 'base64' in the command. Note also the files base64.decoded.txt and base64.encoded.txt are text files.

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
openssl x509 -in filename.crt -noout -text
2010-01-05 18:02:25
User: wincus
Tags: openssl
1
Up
Down
view certificate details
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
openssl rand -base64 1000 | tr "[:upper:]" "[:lower:]" | tr -cd "[:alnum:]" | tr -d "lo" | cut -c 1-8 | pbcopy
2009-12-29 17:18:25
User: _eirik
Functions: cut tr
Tags: Security openssl password
-3
Up
Down
generate random password

eliminates "l" and "o" characters change length by changing 'x' here: cut -c 1-x

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
openssl des3 -salt -in unencrypted-data.tar -out encrypted-data.tar.des3
2009-10-03 03:50:46
User: berot3
Tags: openssl Encryption tar password lifehacker
4
Up
Down
Encrypted archive with openssl and tar

The lifehacker way: http://lifehacker.com/software/top/geek-to-live--encrypt-your-data-178005.php#Alternate%20Method:%20OpenSSL

"That command will encrypt the unencrypted-data.tar file with the password you choose and output the result to encrypted-data.tar.des3. To unlock the encrypted file, use the following command:"

openssl des3 -d -salt -in encrypted-data.tar.des3 -out unencrypted-data.tar
Show sample output | Comments (3) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
openssl s_client -starttls smtp -crlf -connect 127.0.0.1:25
2009-08-19 08:37:24
User: realist
Tags: openssl smtp starttls
7
Up
Down
Connect to SMTP server using STARTTLS

Allows you to connect to an SMTP server over TLS, which is useful for debugging SMTP sessions. (Much like telnet to 25/tcp). Once connected you can manually issue SMTP commands in the clear (e.g. EHLO)

Show sample output | Comments (1) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
date --date="$(openssl x509 -in xxxxxx.crt -noout -startdate | cut -d= -f 2)" --iso-8601
2009-07-23 23:24:33
User: rez0r
Functions: date
Tags: openssl date iso start end
1
Up
Down
Output a SSL certificate start or end date

A quick and simple way of outputting the start and end date of a certificate, you can simply use 'openssl x509 -in xxxxxx.crt -noout -enddate' to output the end date (ex. notAfter=Feb 01 11:30:32 2009 GMT) and with the date command you format the output to an ISO format.

For the start date use the switch -startdate and for end date use -enddate.

Show sample output | Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
tar c folder_to_encrypt | openssl enc -aes-256-cbc -e > secret.tar.enc
2009-07-23 06:03:39
User: recursiverse
Functions: c++ tar
Tags: openssl Encryption tar
4
Up
Down
Encrypted archive with openssl and tar

command to decrypt:

openssl enc -aes-256-cbc -d < secret.tar.enc | tar x

Of course, don't forget to rm the original files ;) You may also want to look at the openssl docs for more options.

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
for file in *.pem; do ln -s $file `openssl x509 -hash -noout -in $file`.0; done
2009-06-30 17:42:07
User: darkpand
Functions: file ln
Tags: openssl certificate hashing
2
Up
Down
c_rehash replacement

When you don't have c_rehash handy. Really simple - if you have a .pem file that doesn't really contain a x509 cert (let's say, newreq.pem), it will create a link, simply called '.0', pointing to that file.

Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate
openssl pkcs12 -export -in /dir/CERTIFICATE.pem -inkey /dir/KEY.pem -certfile /dir/CA-cert.pem -name "certName" -out /dir/certName.p12
2009-03-15 23:14:26
User: gadget00
Tags: openssl digital certificate p12 private key S/MIME
0
Up
Down
Create a P12 file, using OpenSSL
Comments (0) | Add to favourites | Report as malicious | Submit alternative | Report as a duplicate