/root/.blog

Encrypt or Decrypt files

encrypt.sh

#!/bin/bash

infile=$1
outfile=${infile}.enc

if [ -f ${infile} ]; then
    if [ -f ${outfile} ]; then
        echo "target file ${outfile} already exists"
        exit 1
    fi

    printf "Enter encryption password: "
    read pass

    if [ -z ${pass} ]; then
        echo "No password provided, using default: biscuit"
        pass=biscuit
    fi

    cat ${infile} |openssl enc -base64 -e -aes-256-cbc -nosalt -pass pass:${pass} > ${outfile}

fi

decrypt.sh

#!/bin/bash

infile=$1
outfile=`echo ${infile} |sed 's/\.enc//'`

if [ -f ${infile} ]; then
    if [ -f ${outfile} ]; then
        echo "target file ${outfile} already exists"
        exit 1
    fi

    printf "Enter decryption password: "
    read pass

    if [ -z ${pass} ]; then
        echo "No password provided, using default: biscuit"
        pass=biscuit
    fi

    cat ${infile} |openssl enc -base64 -d -aes-256-cbc -nosalt -pass pass:${pass} > ${outfile}

fi

Allow user process to use privileged ports

In this example we have a tomcat server running as user tomcat on Solaris or Linux. Both don't allow a normal user to listen on ports lower than 1024.

Solaris:

# usermod -K defaultpriv=basic,net_privaddr tomcat

Linux: (replace <java_home> with your path to java)

# setcap cap_net_bind_service=+ep <java_home>/bin/java
# echo "<java_home>/jre/lib/amd64/jli" >> /etc/ld.so.conf.d/java.conf
# ldconfig
Newer Posts