I have this script which sounds like what I want to do:
cat something_so_sign.xzy | gpg \
--passphrase-file "plaintext_passphrase.txt" \
--batch \
--pinentry-mode loopback \
-bsa
which I ran in .bat and then realize this was from Linux. I got that code from here: gpg encrypt file without keyboard interaction
But now I want to do this in CMD and I've researched for hours; I can't find exactly what I want to do. Everything I research either generates a key automatically, doesn't specify a key, or requires user interaction throughout the script run (I need this automated). I also like this particular script because its simple and I understand it. But What is the CMD equivalent of this?
I don't mind using a different method either...but my powershell version on the server is old (2.0) and it would be a huge, time consuming effort to get someone to update that. So, I can't install modules in powershell. It would also not be ideal to have to download external programs. So, I'm coming back to using .bat to encrypt my file, using a key that I'll store in its own file.
Related
I have some .sh files, this file contains my ssh and scp details.
I would like to encrypt the ssh files, upon encryption It should be able to execute/run.
like the background.js ( attachment ) file is encrypted but still executing in the browser
Background:
There is a difference between obfuscation and encryption.
Obfuscation hides the data or makes it hard to read, but it is still theoretically possible to reverse this and get back the original source data.
Encryption actually uses cryptography to make it near-impossible to decrypt without a key.
I believe the image I'm looking at above is "obfuscated" and not "encrypted" based on the details that you've provided.
Answer:
If you're running this file on a machine and not in a browser, I'd recommend looking at compiling it into an executable which will compile it into bytecode. This will likely accomplish your original intent of hiding the source. Nexe is one tool for NodeJS that can do this.
If you're running this in the browser, then you can only really obfuscate it. Terser is a library for this in NodeJS
And lastly, a common pattern for hiding ssh details is to put them into environment variables and have a script reference the environment variables rather than actually putting the credentials in the code.
In JS, that would be process.env.PASSWORD
I'm using psftp.exe to download files from the server. Is there an easy way to delete these files once I have downloaded them but leave the new ones that might have appeared on the server when I was downloading to be downloaded next time?
Here's my command line:
psftp.exe domain.com -i keys\private.ppk
get *.xml
Edit: I want to download the files from a Linux box to a Windows PC.
There's no easy way to do this with psftp. You would have to parse its output to find files that were successfully downloaded.
Though you can do this easily with WinSCP. Just use get -delete *.xml command.
Full WinSCP script would be:
open sftp://domain.com/ -privatekey=keys\private.ppk -hostkey=...
get -delete *.xml
exit
See an introduction to WinSCP scripting.
See also a guide for converting PSFTP script to WinSCP.
You can also have WinSCP GUI generate script like this for you.
(I'm the author of WinSCP)
Martin's answer is good. The below is more industrial.
Moving them to a staging area before the download may be prudent.
Generally you would move/rename the files on the server as a starting point. They are going to be deleted anyway so nothing should miss them? nor would you want to fall back over a recent file.
(so restart after this point in the event of a subsequent failure)
Then perform the download.
Then perform the delete.
I would approach the issue differently. Instead of deleting the file from the server, add the downloaded filename to a local table of "Already downloaded files". Then when you scan the FTP again for new files, ignore any that are in that table.
That way the next time you run your download script you only get the new files, but the old files remain on the server.
You could have another script that runs periodically and deletes all files over a certain age.
WINSCP is alright, and Martin (the author) drops in to practically every PuTTy thread to recommend it, but it's a fully GUI-based app and not for me. If you really need everything to be done on the commandline then WINSCP is often not an option.
I am using the cURL app to download multiple csv files. I want to find a way to check if the file exists on the ftps site before kicking off the download. If it doesn't exist I would like to find a way for cURL to check again at regular intervals.
I am trying to stick to using cURL commands for this I am really not good at .Net programming. Any help would be appreciated
$ curl ftp://[host]/[path] --ssl --head
(you might also need -k)
--ssl: Try to use SSL/TLS for the connection
--head: When used on an FTP or FILE file, curl displays the file size and last modification time only
It will return an error if the file doesn't exist. It will not keep checking, it will only check once so you need to do the repeated checking using some scheduler/cron/script or whatever.
Long story short... we have multiple servers which we run perflog monitoring on every night. My job is to convert these logs to .csv format and send them to my e-mail.
This bit it already automated via a .sh script an ex-employee wrote.
What I want automated is to run a batch job after the perfmon logging to look at a specific folder and find the latest .blg file and run the sh script on it (the script is called upload) so that I don't have to log in to each server and do it manually.
e.g.
upload myInitials cd /cygdrive/someLocation/logs/$latestFile$.blg
myInitials and the location can be hard-coded... I just wouldn't know how to find the latest file in the folder and automate it all via a batch file.
Any pointers would be very helpful!
# Jeremy:
Sorry, I probably should have mentioned in my question that the servers are running 2003 and 2008.
I don't think it would be absolutely necessary to register a change notification on the folder - If the log runs from noon till 7 in the morning, the script will run immediately after (you can set a script to run after a perfmon log has finished in log properties) so the log will almost definitely be the latest file in the folder anyway.
Like I said, I already have a .sh file in place to convert to csv and send to my e-mail, I just need to incorporate it into a batch file so that instead of me going to each of the servers and opening up cygwin and typing upload xx /cygdrive/location/logs/xyz.blg, I can have it automated to run straight after the log has finished without me having to RDC into it.
Thanks for the input!
If you have a Shell script and you job is to call the shell script from a windows batch file then this will work.This assumes the cygwin is installed in C:
Contents of start_cyg.bat
#echo off
set PATH=%PATH%:"C:\Cygwin\bin"
rem bash --login -i
bash "/cygdrive/d/cyg.sh"
Contents of cyg.sh
#!/bin/bash
TAIL=`ls -lrt | tail -1`
echo "TAIL:$TAIL"
If you call start_cyg.bat from windows command prompt you can get the output of the cyg.sh in the console
for getting newest file in a directory, ls -1tr | tail -1 should work.
First, I don't know if it would meet your requirements, but the Windows Task Scheduler 2 in Vista+ is very robust and can trigger an event even based on log entries. However, extraction and parsing of that log entry may require some scripting, and might have concurrency issues, even if that log entry did indicate the last used process. Chances are none of this is helpful, but just throwing it out there.
Programatically, it would be simple as you can register a change notification on a folder. When a change occurs, you go find the latest file. Then launch the batch file to launch your shell script, or whatever your desired sequence may be.
I think cygwin may even support change notification events via scripting, though I'm unsure. I believe there are linux extensions for this, but I may be wrong.
If it were me, I'd just write a little C++ app to do whatever I wanted.. but for you maybe any (or more likely none) of the above helps ;o.
I am writing a batch file which is supposed to update the source files from tortoise and - if anything new was gotten - build the solution. Should be a very simple task.
My batchfile looks like this (I've removed the non-essentials)
set updatepath=%1
set solution=%2
set output=%3.txt
call TortoiseProc.exe /command:update /path:%updatepath% /closeonend:2
call %devenv% %solution% /Build Debug /Out %output%
Now, I'd like to know if tortoise actually got new code for me and the not build if it didn't. How do I do this?
I am running Windows Vista
(The batch script is called from another batch script about 7 times - one for each project I need updated and - perhaps - build).
Using tortoise is probably not the best way to resolve the problem.
To begin with, it would help knowing which SCM you're using (Mercurial, Subversion, CVS...). Most (all?) SCM tools come with a command-line interface, as opposed to the tortoise shell extension. If you used e.g. mercurial, this is how you would check if the local files need updating:
d:\projects\myproj> hg incoming <main repository path>
You could then parse the output to check if there are pending changes. A similar approach would work with other SCMs.
TortoiseProc is not meant for this kind of automation:
Remember that TortoiseSVN is a GUI client, and this automation guide
shows you how to make the TortoiseSVN dialogs appear to collect user
input. If you want to write a script which requires no input, you
should use the official Subversion command line client instead.
http://tortoisesvn.net/docs/release/TortoiseSVN_en/tsvn-automation.html
So, first, get the command line client ( SlikSVN is my favourite). Note that update in TortoiseProc doesn't bring the dialog in the way you are using, but calling it seven times, you are better off using svn command line client.
Second, use svn status -u to see if there are updates in the repo. --show-updates or -u places an asterisk next to items that are out of date. You can probably grep it.
If so, use svn update to update your working copy.