Commands tagged crypt (5)

  • (Please see sample output for usage) Use any script name (the read command gets it) and it will be encrypted with the extension .crypt, i.e.: myscript --> myscript.crypt You can execute myscript.crypt only if you know the password. If you die, your script dies with you. If you modify the startup line, be careful with the offset calculation of the crypted block (the XX string). Not difficult to make script editable (an offset-dd piped to a gpg -d piped to a vim - piped to a gpg -c directed to script.new ), but not enough space to do it on a one liner. Sorry for the chmod on parentheses, I dont like "-" at the end. Thanks flatcap for the subshell abbreviation to /dev/null Show Sample Output


    6
    read -p 'Script: ' S && C=$S.crypt H='eval "$((dd if=$0 bs=1 skip=//|gpg -d)2>/dev/null)"; exit;' && gpg -c<$S|cat >$C <(echo $H|sed s://:$(echo "$H"|wc -c):) - <(chmod +x $C)
    rodolfoap · 2013-03-10 08:59:45 11
  • (Please see sample output for usage) script.bash is your script, which will be crypted to script.secure script.bash --> script.secure You can execute script.secure only if you know the password. If you die, your script dies with you. If you modify the startup line, be careful with the offset calculation of the crypted block (the XX string). Not difficult to make script editable (an offset-dd piped to a gpg -d piped to a vim - piped to a gpg -c directed to script.new ), but not enough space to do it on a one liner. Show Sample Output


    5
    echo "eval \"\$(dd if=\$0 bs=1 skip=XX 2>/dev/null|gpg -d 2>/dev/null)\"; exit" > script.secure; sed -i s:XX:$(stat -c%s script.secure): script.secure; gpg -c < script.bash >> script.secure; chmod +x script.secure
    rodolfoap · 2013-03-09 11:16:48 9
  • Test for weak SSL version. Show Sample Output


    1
    openssl s_client -connect localhost:443 -ssl2
    fernandomerces · 2011-04-02 06:34:39 4
  • Function: char * crypt (const char *key, const char *salt) The crypt function takes a password, key, as a string, and a salt character array which is described below, and returns a printable ASCII string which starts with another salt. It is believed that, given the output of the function, the best way to find a key that will produce that output is to guess values of key until the original value of key is found. The salt parameter does two things. Firstly, it selects which algorithm is used, the MD5-based one or the DES-based one. Secondly, it makes life harder for someone trying to guess passwords against a file containing many passwords; without a salt, an intruder can make a guess, run crypt on it once, and compare the result with all the passwords. With a salt, the intruder must run crypt once for each different salt. For the MD5-based algorithm, the salt should consist of the string $1$, followed by up to 8 characters, terminated by either another $ or the end of the string. The result of crypt will be the salt, followed by a $ if the salt didn't end with one, followed by 22 characters from the alphabet ./0-9A-Za-z, up to 34 characters total. Every character in the key is significant. For the DES-based algorithm, the salt should consist of two characters from the alphabet ./0-9A-Za-z, and the result of crypt will be those two characters followed by 11 more from the same alphabet, 13 in total. Only the first 8 characters in the key are significant. Show Sample Output


    0
    useradd -m -p $(perl -e'print crypt("pass", "mb")') user
    mariusbutuc · 2010-09-03 19:00:56 5
  • In order to create a new encrypted filing system managed by cryptmount, you can use the supplied 'cryptmount-setup' program, which can be used by the superuser to interactively configure a basic setup. Alternatively, suppose that we wish to setup a new encrypted filing system, that will have a target-name of "opaque". If we have a free disk partition available, say /dev/hdb63, then we can use this directly to store the encrypted filing system. Alternatively, if we want to store the encrypted filing system within an ordinary file, we need to create space using a recipe such as: dd if=/dev/zero of=/home/opaque.fs bs=1M count=512 . cryptmount --generate-key 32 opaque . cryptmount --prepare opaque . mke2fs /dev/mapper/opaque . cryptmount --release opaque . mkdir /home/crypt . cryptmount -m opaque . cryptmount -u opaque For detail see sample output Show Sample Output


    -2
    cryptmount -m <name>
    totti · 2012-01-17 18:02:47 7

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Server load and process monitoring
In certain cases you mighy need to monitor the server load caused by certain process. For example HTTP, while stress testing apache using ab (apache benchmark) you may want to monitor the server status,load, # of spawned HTTP processes, # of established connections, # of connections in close wait state, apache memory footprint etc.

Change mysql prompt to be more verbose
You can put this into your shell sourced file like .bashrc or .zshrc to have a different mysql prompt. See http://dev.mysql.com/doc/refman/5.1/de/mysql-commands.html for more informations. Beware that currently with mysql 5.5 the seconds are buggy and won't be displayed if you put this into a .cnf file. With the enironment variable this will work.

Find usb device in realtime
Using this command you can track a moment when usb device was attached.

diff output of two commands
This only works in bash

Get AWS temporary credentials ready to export based on a MFA virtual appliance
You might want to secure your AWS operations requiring to use a MFA token. But then to use API or tools, you need to pass credentials generated with a MFA token. This commands asks you for the MFA code and retrieves these credentials using AWS Cli. To print the exports, you can use: `awk '{ print "export AWS_ACCESS_KEY_ID=\"" $1 "\"\n" "export AWS_SECRET_ACCESS_KEY=\"" $2 "\"\n" "export AWS_SESSION_TOKEN=\"" $3 "\"" }'` You must adapt the command line to include: * $MFA_IDis ARN of the virtual MFA or serial number of the physical one * TTL for the credentials

list files recursively by size

Show current working directory of a process

RTFM function
Simple edit to work for OSX. Now just add this to your ~/.profile and `source ~/.profile`

Get AWS temporary credentials ready to export based on a MFA virtual appliance
You might want to secure your AWS operations requiring to use a MFA token. But then to use API or tools, you need to pass credentials generated with a MFA token. This commands asks you for the MFA code and retrieves these credentials using AWS Cli. To print the exports, you can use: `awk '{ print "export AWS_ACCESS_KEY_ID=\"" $1 "\"\n" "export AWS_SECRET_ACCESS_KEY=\"" $2 "\"\n" "export AWS_SESSION_TOKEN=\"" $3 "\"" }'` You must adapt the command line to include: * $MFA_IDis ARN of the virtual MFA or serial number of the physical one * TTL for the credentials

Convert CSV to JSON
Replace 'csv_file.csv' with your filename.


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: