Squoggle

Mac's tech blog

Monthly Archives: October 2019

Sed

Leave a comment Posted by on October 29, 2019

Down & Dirty Notes on SED

Replace a word with another word:

To replace all instances of a certain word in a file with another word:

$ sed 's/[oldword]/[newword]/' file

This will not modify the original file but output to the screen

Strip the last letter of a list of words:

If you have a file with a bunch of words that all end in the same letter, something like this:

austin1a
denver1a
dallas1a
phoenix1a

and you want to strip the last letter off of each word you can do it with something like this:

$ sed 's/\(.*\)./\1/' file

Output is to screen.

Add a letter to the end of a list of words:

Lets say you want to add a letter to that list of words. You can do that like this:

$ sed 's/$/b/'file

This will add a letter b to the end of each word in the list.

Replace the last letter of word:

You can combine the above two commands and if you want to change all the of the a to letter b then you can do that like this:

$ sed 's/\(.*\)./\1/' file | sed 's/$/b/'

The first part of this command strips the last letter of each word. Then the second part of the command adds the letter b to the end of each word.

Add a trailing \

Many times you want to run a script against a list of servers or something. You can create a list with a space slash  \ after each word in the file:

$ sed 's/$/ \\/' file

The results will look something like this:

austin1a \
denver1a \
dallas1a \
phoenix1a \

Insert text at the beginning of a word:

If you want to insert the word router at the beginning of each word you could do something like this:

$ sed 's/^/router/' file

Insert text at the end of a word:

Same as above but at the end of the word:

$ sed 's/$/router/' file

Convert commas to newline:

Lets say you have CSV list in a file that looks something like this:

austin1a,denver1a,dallas1a,phoenix1a

and you want to convert those commas into newline. You can do something like this:

$ sed -e $'s/,/\\\n/g' file

Sometimes that list will have a space after the comma like this:

austin1a, denver1a, dallas1a, phoenix1a

You can modify the command slightly like this:

$ sed -e $'s/, /\\\n/g' file

Convert TABs (White space) to Commas:

Lets say you have a TAB separated file and you want to convert it to a CSV file. An example would be something like this:

austin1a.example.com. 300 IN A      10.10.20.10
denver1a.example.com. 300 IN A      10.10.30.10
dallas1a.example.com. 300 IN A      10.10.40.10
phoenix1a.example.com. 300 IN A     10.10.50.10

This command will convert any white space to a comma:

$ sed 's/[[:space:]]\+/,/g' file

Convert multiple spaces to single space:

Or if you simply want to convert multiple spaces to a single space you can do like this:

$ sed 's/[[:space:]]\+/ /g' file

More to come…

Sys Admin ,

GPG HowTo

Leave a comment Posted by on October 18, 2019

Here’s my notes on GPG

Here’s a nice GPG Cheat Sheet:
http://irtfweb.ifa.hawaii.edu/~lockhart/gpg/gpg-cs.html

Directory:
GPG will automatically store your configs in ~/.gnupg

List Keys:
To list the keys in your public key ring. These will be public keys that you have imported already:

$ gpg --list-keys

List Private Keys:
To list the keys in your secret key ring (your private keys):

$ gpg --list-secret-keys

Typically you will only have one Private Key, your own.

List Signatures:
To list the keys and signatures:

$ gpg --list-sigs

Check Keys:
To check the keys and signatures:

$ gpg --check-sigs

I’m not exactly sure what this does. It seems to be the same as ‘List Signatures’ from my perspective.

Delete Private Key:
To delete keys in your secret key ring. This is typically going to be your private key:

$ gpg --delete-secret-keys "Jimmy McKlosky"

Delete Public Key:
To delete keys in your public key ring (your public key):
Delete Secret Key First, then:

$ gpg --delete-keys "Jimmy McKlosky"

This is how you would delete other people’s public keys from your store as well.

Help:
To get help:

$ gpg --help

Generate a new key pair:
Generate your public and private keys:

$ gpg --gen-key

You should see:

gpg (GnuPG) 2.0.14; Copyright (C) 2009 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection?

Hit [ENTER] for the default or type in another number:

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)

2048 should be fine. Hit [ENTER] to accept.

Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
        = key expires in n days
      w = key expires in n weeks
      m = key expires in n months
      y = key expires in n years
Key is valid for? (0)
The default is to never expire. This should be fine.

Hit [ENTER] to select no expiration date.

Key does not expire at all
Is this correct? (y/N) y
Hit 'y' to confirm no expiration date.
GnuPG needs to construct a user ID to identify your key.

Real name: Jimmy McKlosky

Enter your real name.

Email address: [email protected]

Add your email address.

Comment: Jimmy's Bar & Grill

I put my org in the comment section.

You selected this USER-ID:
"Jimmy McKlosky (Jimmy's Bar & Grill) <[email protected]>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?

Select ‘O’ to confirm this is OK.

You need a Passphrase to protect your secret key.

A dialog box may open, or you may get a text prompt to enter your private key password. Check your database for this.
A message appears about generating random data.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

If you are logged into the host remotely, see the gotcha below about generating entropy.

gpg: key E3541042 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/E3541042 2017-02-10
Key fingerprint = 8367 6BB4 9178 6D45 DF58 C2C4 2D6F 813A E354 1042
uid Jimmy McKlosky (Jimmy's Bar & Grill) <[email protected]>
sub 2048R/997E61F3 2017-02-10

This completes the GPG Key Generation Process.

Gotcha: On Virtual Machines there is not a way of generating entropy via keyboard and mouse as there are no physical keyboard or mouse. The way I got around this is to generate entropy on the drive. Open another session to the server, then kick off the Key Gen as above. When it says it needs to generate entropy, go to the other session and enter this command:

$ find / -type f | xargs grep blahblahblha

In a few seconds you should have enough entropy and the Key Gen completes!

Export Keys:
List the keys to get the Key IDs:

$ gpg --list-keys
/x/home/jimmy/.gnupg/pubring.gpg
-------------------------------------
pub  1024D/F1ADF609 2013-05-15 Jimmy McKlosky (Trusted Master for BFD User Key Signing) <[email protected]>
sub  1024g/835CFDE8 2013-05-15 [expires: 2015-05-15]

List the secret keys to make sure they exist and match:

$ gpg --list-secret-keys
/x/home/jimmy/.gnupg/secring.gpg
-------------------------------------
sec  1024D/F1ADF609 2013-05-15 Jimmy McKlosky (Trusted Master for BFD User Key Signing) <[email protected]>
ssb  1024g/835CFDE8 2013-05-15

In this case you are simply ensuring that you are working with both your public and private keys and they match. It is possible to have more than on set of keys so this step is simply to ensure you are working with the correct set.

Export your Public Key:

$ gpg --export -a "Jimmy McKlosky" > public.key

This will result in a single file named public.key that contains your public key. The -a means –armor.

Export all the Public Keys in your public keyring:

$ gpg --export -a > public.keys

This is useful if you want to export all the public keys you have imported and move them to a new machine. This command results in a file named public.keys and contains all of the public keys you have previously imported.

Export your Private Key:

$ gpg --export-secret-key -a "Jimmy McKlosky" > private.key

The only reason you would have to export your private key would be to install it on another computer. You probably don’t want to have a private key for every computer you use. Since this is a private key, care should be taken to safeguard it like you would any other private key.

Export your Public and Private Keys using the numeric key ID:
If you have multiple keys identified by your name then the above is not a good way to do this as it will just take the first one. A better way of doing that is by using the numeric key ID. The numeric key ID is unique and is the same for both the Public and Private key. It is the number behind the “/” in this case “F1ADF609” prepended with “0x” to look like this: “0xF1ADF609”. The command to export your keys via Key ID looks like this:

$ gpg --export -a 0xF1ADF609 > public.key
$ gpg --export-secret-key -a 0xF1ADF609 > private.key

You can now send your public key to someone who needs to send you some encrypted data. They can encrypt the data with your public key and when you get it you can decrypt it with your private key and read it.

Decrypt an encrypted file:
How to decrypt a file that was encrypted with your public key:

$ gpg --decrypt [file-name]

You will be prompted to enter your passphrase to decrypt it.

Encrypt a file:

$ gpg -e -u "Sender-Name" -r "Receiver-Name" [file-name]

Make the output file look nice and pretty:

$ gpg -e -u "Sender-Name" -r "Receiver-Name" --armor [file-name]

This should probably be your standard as it makes it much easier to read.

Import a public key:
Put the public key you received from someone into a file named public.key and import it like this:

$ gpg --import public.key

This adds the public key in the file public.key to your public key ring.

Import multiple public keys:
In the case where you may have exported multiple public keys, you can import them all. Put them all in a file and import like this:

$ gpg --import public.keys

Import a private key:
Typically this will only be your own private key from a different computer.

$ gpg --allow-secret-key-import --import private.key

I’ve also been able to do it simply like this:

$ gpg --import private.key

This adds the private key in the file private.key to your private key ring.

I’ve had to do it like this to actually import the secret key:

gpg --edit-key 818E4A41

Then choose trust and choose the level of trust. Then quit.

List key fingerprints:
This will show the fingerprints for keys in your key ring. This may be useful for some ways of authenticating those keys.

$ gpg --fingerprint

A fingerprint is a way you can verify with a person that they key you have for them is valid. For example you could call them and they could tell you the key fingerprint and you could validate it with this command.

Sign Public Keys:
Once you have validated the public key you can sign it so it will no longer bark at you when you attempt to encrypt data for a certain user.
Do it like this:

$ gpg --sign-key "User-Name"
PGP/GPG ,