Commands tagged crypt (5)

  • (Please see sample output for usage) Use any script name (the read command gets it) and it will be encrypted with the extension .crypt, i.e.: myscript --> myscript.crypt You can execute myscript.crypt only if you know the password. If you die, your script dies with you. If you modify the startup line, be careful with the offset calculation of the crypted block (the XX string). Not difficult to make script editable (an offset-dd piped to a gpg -d piped to a vim - piped to a gpg -c directed to script.new ), but not enough space to do it on a one liner. Sorry for the chmod on parentheses, I dont like "-" at the end. Thanks flatcap for the subshell abbreviation to /dev/null Show Sample Output


    6
    read -p 'Script: ' S && C=$S.crypt H='eval "$((dd if=$0 bs=1 skip=//|gpg -d)2>/dev/null)"; exit;' && gpg -c<$S|cat >$C <(echo $H|sed s://:$(echo "$H"|wc -c):) - <(chmod +x $C)
    rodolfoap · 2013-03-10 08:59:45 9
  • (Please see sample output for usage) script.bash is your script, which will be crypted to script.secure script.bash --> script.secure You can execute script.secure only if you know the password. If you die, your script dies with you. If you modify the startup line, be careful with the offset calculation of the crypted block (the XX string). Not difficult to make script editable (an offset-dd piped to a gpg -d piped to a vim - piped to a gpg -c directed to script.new ), but not enough space to do it on a one liner. Show Sample Output


    5
    echo "eval \"\$(dd if=\$0 bs=1 skip=XX 2>/dev/null|gpg -d 2>/dev/null)\"; exit" > script.secure; sed -i s:XX:$(stat -c%s script.secure): script.secure; gpg -c < script.bash >> script.secure; chmod +x script.secure
    rodolfoap · 2013-03-09 11:16:48 6
  • Test for weak SSL version. Show Sample Output


    1
    openssl s_client -connect localhost:443 -ssl2
    fernandomerces · 2011-04-02 06:34:39 0
  • Function: char * crypt (const char *key, const char *salt) The crypt function takes a password, key, as a string, and a salt character array which is described below, and returns a printable ASCII string which starts with another salt. It is believed that, given the output of the function, the best way to find a key that will produce that output is to guess values of key until the original value of key is found. The salt parameter does two things. Firstly, it selects which algorithm is used, the MD5-based one or the DES-based one. Secondly, it makes life harder for someone trying to guess passwords against a file containing many passwords; without a salt, an intruder can make a guess, run crypt on it once, and compare the result with all the passwords. With a salt, the intruder must run crypt once for each different salt. For the MD5-based algorithm, the salt should consist of the string $1$, followed by up to 8 characters, terminated by either another $ or the end of the string. The result of crypt will be the salt, followed by a $ if the salt didn't end with one, followed by 22 characters from the alphabet ./0-9A-Za-z, up to 34 characters total. Every character in the key is significant. For the DES-based algorithm, the salt should consist of two characters from the alphabet ./0-9A-Za-z, and the result of crypt will be those two characters followed by 11 more from the same alphabet, 13 in total. Only the first 8 characters in the key are significant. Show Sample Output


    0
    useradd -m -p $(perl -e'print crypt("pass", "mb")') user
    mariusbutuc · 2010-09-03 19:00:56 0
  • In order to create a new encrypted filing system managed by cryptmount, you can use the supplied 'cryptmount-setup' program, which can be used by the superuser to interactively configure a basic setup. Alternatively, suppose that we wish to setup a new encrypted filing system, that will have a target-name of "opaque". If we have a free disk partition available, say /dev/hdb63, then we can use this directly to store the encrypted filing system. Alternatively, if we want to store the encrypted filing system within an ordinary file, we need to create space using a recipe such as: dd if=/dev/zero of=/home/opaque.fs bs=1M count=512 . cryptmount --generate-key 32 opaque . cryptmount --prepare opaque . mke2fs /dev/mapper/opaque . cryptmount --release opaque . mkdir /home/crypt . cryptmount -m opaque . cryptmount -u opaque For detail see sample output Show Sample Output


    -2
    cryptmount -m <name>
    totti · 2012-01-17 18:02:47 3

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Mount the first NTFS partition inside a VDI file (VirtualBox Disk Image)
Found at: http://forums.virtualbox.org/viewtopic.php?t=52

Using parcellite, indents the content of the clipboard manager
This command takes the content of a Parcellite-managed clipboard manager and add one level of indentation to it. It may be useful to indent a block of code which will enter inside another, already indented one but I use it mostly to indent code I will post in Stack Overflow questions and answers.

Calculate days on which Friday the 13th occurs (inspired from the work of the user justsomeguy)
Friday is the 5th day of the week, monday is the 1st. Output may be affected by locale.

Install a local RPM package from your desktop, then use the YUM repository to resolve its dependencies.
When downloading RPMs from the Internet, you don't have to 'rpm -i' or 'rpm -U' to install the package. Especially, if the package has dependencies. If you have YUM setup to access an RPM repository, this command will install the downloaded package, then any dependencies through YUM that it relies on. Very handy on RPM-based systems.

Copy a MySQL Database to a new Server via SSH with one command
Dumps a MySQL database over a compressed SSH tunnel and uses it as input to mysql - i think that is the fastest and best way to migrate a DB to a new server!

Remove a line from a file using sed (useful for updating known SSH server keys when they change)
remove the host for the .ssh/know_host file

recursively change file name from uppercase to lowercase (or viceversa)
Example of zsh globing, glob qualifier, and substitution: -Q state that the parameter will contain a glob qualifier. (**/)(*) is recursive (.) is our glob qualifier, with states the match is a file "." The first parameter $1, is then substituted with $2 but with lowercasing '(L)' ... a (U) would of course be from lower to upper.

Find how much of your life you've wasted coding in the current directory
Finds all C++, Python, SWIG files in your present directory (uses "*" rather than "." to exclude invisibles) and counts how many lines are in them. Returns only the last line (the total).

detect partitions
Shows all block devices in a tree with descruptions of what they are.

copy from host1 to host2, through your host
Good if only you have access to host1 and host2, but they have no access to your host (so ncat won't work) and they have no direct access to each other.


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: