im trying to make sure the openssl password does not show up in the output of ps.
so i'm trying to do something like this:
MAST=yup
echo "U2FsdGVkX19wH9LrQhuRZes45BM9rfiRpdhTCi+gLls=" | openssl <<HERE 2>&1 >/dev/null
aes-128-cbc -a -d -salt -k "${MAST}"
HERE
But this isn't working.. I get the following error:
error reading input file
error in aes-128-cbc
note, the password stored in the variable MAST will be given by the user. i'm just hardcoding it in this particular example to illustrate my problem.
the way i was doing this because was:
echo "U2FsdGVkX19wH9LrQhuRZes45BM9rfiRpdhTCi+gLls=" | openssl aes-128-cbc -a -d -salt -k "yup"
but this shows the password in ps, which is what i'm trying to avoid.
echo some_input | command <<HERE
but_so_is_this
HERE
Get it? Move the second input to the here-doc also.
RudiC
October 7, 2016, 9:30am
3
It also seems aes-128-cbc is a command line parameter ("cipher command") to openssl , not something it reads from stdin.
Have you tried using public/private key authentication?
Hi,
export MAST="yup"
echo "U2FsdGVkX19wH9LrQhuRZes45BM9rfiRpdhTCi+gLls=" | openssl aes-128-cbc -a -d -salt -pass env:MAST
Regards.
disedorgue:
Hi,
export MAST="yup"
echo "U2FsdGVkX19wH9LrQhuRZes45BM9rfiRpdhTCi+gLls=" | openssl aes-128-cbc -a -d -salt -pass env:MAST
Regards.
thank you. this worked!
i had came here to ask why this command works from the command line:
echo "U2FsdGVkX19wH9LrQhuRZes45BM9rfiRpdhTCi+gLls=" | openssl aes-128-cbc -a -d -salt -pass file:<( echo -n "yup" )
but not from a script. if run from a script, i get this:
./myscript.sh: 3: ./myscript.sh: Syntax error: "(" unexpected
You are probably running your script in a different shell.
What is the shell you use in your script ?<(...) not work in sh.
im using "sh" in my script.
thank you!
What is your final goal ?
Regards.
Sure.
#!/bin/bash
# here comes your commands:
echo ...