04-29-2014
Quote:
Originally Posted by
temp_user
(I don't have the option for sharing keys)
If your sysadmin doesn't allow you to share keys, they'll be absolutely livid to discover you kludging insecure solutions to automatically login as root with expect.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hello to all...this is my first post (so please go easy). :)
I feel pretty solid at expect scripting, but I'm running into an issue that I'm not able to wrap my head around. I wrote a script that is a little advanced for logging into a remote Linux machine and changing text in a file using sed.... (2 Replies)
Discussion started by: v1k0d3n
2 Replies
2. Shell Programming and Scripting
This Expect script provides expect with a list of IP addresses to Cisco IPS sensors and commands to configure Cisco IPS sensors. The user, password, IP addresses, prompt regex, etc. have been anonymized. In general this script will log into the sensors and send commands successfully but there are... (1 Reply)
Discussion started by: genewolfe
1 Replies
3. Shell Programming and Scripting
Hello,
I would like to make a script, ideally in perl since I am most familair with it, that does the following:
automatically starts up at 9 pm, searches through a specified directory for any new files, finds those new files and starts to run them through a pipeline. I have most of it worked... (4 Replies)
Discussion started by: amcrisan
4 Replies
4. Shell Programming and Scripting
Gents,
I have a wrapper script passing couple of information to an expect script mainly responsible for spawning scp and providing the password (which is transmitted down from the main script). the main script prepare the transfer to couple of servers, idea being to transfer the files in... (3 Replies)
Discussion started by: luc3004
3 Replies
5. Shell Programming and Scripting
I want to warn everyone, I am not a programmer lol. I'm an IT wanting to get a little insight of programming, and I like to play around so I can learn. Ok, so I'm going to school for IT Security and Forensics. I had a project to write a hack, and I chose to write a shell script to run dd to write... (8 Replies)
Discussion started by: joshbgosh10592
8 Replies
6. Shell Programming and Scripting
Hi All,
I run the scp command in shell prompt without issue, but when on expect script as below:
#!/usr/bin/expect
spawn scp /var/spool/sms/failed.tar.gz abc@10.10.12.2:/home/abc
expect "abc@10.10.12.2's password: "
send "abcfef\r"
exit 0
It looks not working at all and the... (3 Replies)
Discussion started by: elingtey
3 Replies
7. Shell Programming and Scripting
An Expect script using scp to copy directories is not moving the subdirectories as wanted. The directory structure is:
computerA (user 'test')
/home/test/parentDir/subdir1
/home/test/parentDir/subdir2
and I want them copied to
computerB (user 'archive')
/home/archive/subdir1... (1 Reply)
Discussion started by: nohj ordpl
1 Replies
8. Shell Programming and Scripting
Dear All,
I have a requirement where I have to SFTP or SCP a file in a batch script. Unfortunately, the destination server setup is such that it doesn't allow for shell command line login. So, I am not able to set up SSH keys. My source server is having issues with Expect. So, unable to use... (5 Replies)
Discussion started by: ss112233
5 Replies
9. Programming
I'm fairly new to scripting so this might not be possible.
I am using Expect with Cisco switches and need to capture the string after finding the expect request. For example, when I issue "show version" on a Nexus switch, I'm looking to capture the current firmware version:
#show version
... (0 Replies)
Discussion started by: IBGaryA
0 Replies
10. Shell Programming and Scripting
Hi All,
I have written a script to automate scp of files. Most of the times it works fine except few cases. I want your help and suggestions to fix these failures.
I have used expect & shell to do the automated scp. Below is code
$ cat scp.ksh
#!/bin/ksh
inputfile=$1
fdest_sid=$2... (8 Replies)
Discussion started by: veeresh_15
8 Replies
LEARN ABOUT CENTOS
tpm_quote_tools
TPM QUOTE
TOOLS(8) TPM QUOTE TOOLS(8)
NAME
TPM Quote Tools
PROGRAMS
tpm_mkuuid, tpm_mkaik, tpm_loadkey, tpm_unloadkey, tpm_getpcrhash, tpm_updatepcrhash, tpm_getquote, tpm_verifyquote
DESCRIPTION
TPM Quote Tools is a collection of programs that provide support for TPM based attestation using the TPM quote operation.
A TPM contains a set of Platform Configuration Registers (PCRs). In a well configured machine, some of these registers are set to known
values during the boot up process or at other times. For example, a PCR might contain the hash of a boot loader in memory before it is
run.
The TPM quote operation is used to authoritatively verify the contents of a TPM's Platform Configuration Registers (PCRs). During provi-
sioning, a composite hash of a selected set of PCRs is computed. The TPM quote operation produces a composite hash that can be compared
with the one computed while provisioning.
To use the TPM quote operation, keys must be generated. During provisioning, an Attestation Identity Key (AIK) is generated for each TPM,
and the public part of the key is made available to entities that validate quotes.
The TPM quote operation returns signed data and a signature. The data that is signed contains the PCRs selected for the operation, the
composite hash for the selected PCRs, and a nonce provided as input, and used to prevent replay attacks. At provisioning time, the data
that is signed is stored, not just the composite hash. The signature is discarded.
An entity that wishes to evaluate a machine generates a nonce, and sends it along with the set of PCR used to generate the composite PCR
hash at provisioning time. For this use of the TPM quote operation, the signed data is ignored, and the signature returned is used to val-
idate the state of the TPM's PCRs. Given the signature, the evaluating entity replaces the nonce in the signed data generated at provi-
sioning time, and checks to see if the signature is valid for the data. If so, this check ensures the selected PCRs contain values that
match the ones measured during provisioning.
A typical scenario for an enterprise using these tools follows. The tools expect AIKs to be referenced via one enterprise-wide Universally
Unique Identifier (UUID). The program tpm_mkuuid creates one.
For each machine being checked, an AIK is created using tpm_mkaik. The key blob produced is bound to the UUID on its machine using
tpm_loadkey. The public key associated with the AIK is sent to the entities that verify quotes. Finally, the expected PCR composite hash
is obtained using tpm_getpcrhash. When the expected PCR values change, a new hash can be generated with tpm_updatepcrhash.
The program to obtain a quote, and thus measure the current state of the PCRs is tpm_getquote. The program that verifies the quote
describes the same PCR composite hash as was measured initially is tpm_verifyquote.
SEE ALSO
tpm_mkuuid(8), tpm_mkaik(8), tpm_loadkey(8), tpm_unloadkey(8), tpm_getpcrhash(8), tpm_updatepcrhash(8), tpm_getquote(8), tpm_verifyquote(8)
Oct 2010 TPM QUOTE TOOLS(8)