Shell script not picking up password file...

Running the below shell script seems to ignore the password file I'm feeding it.  I'm continually prompted for it.  If I enter it, the rest of the script goes without a hitch, but as I'm running it via cron, I really need to get it to read from the file... Any suggestions?



#!/bin/sh
    p=$(<password.txt)
    set -- $p
    pass_phrase=$1
    destination="/var/www/d"
    cd /var/sl/
    for FILE in *.pgp;
    do
        FILENAME=${FILE%.pgp}
        gpg --passphrase "$pass_phrase" --output "$destination/$FILENAME" --decrypt "$FILE"
        rm -f $FILE
    done

Open in new window

n00b0101Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

woolmilkporcCommented:
Hi,
looks rather good at first sight!
What are the contents of password.txt? The required passphrase must be the first whitespace-delimited word in it to make your method work!
wmp
0
sejdenfadenCommented:
And, what do you mean by feeding?
The way the script is set up now it is required that the password.txt is placed in the same folder as script. If you want to specify the location, you need to give a path as an argument, or change '<password.txt' to '/<full>/<path>/<to>/password.txt'
0
woolmilkporcCommented:
... what do you get with "echo $p" inserted after line 2 and "echo $1" inserted after line 3?
0
Learn Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

n00b0101Author Commented:
Well, the password is the only thing in the file.  You open it up, and the first character of the first line is the first character of the password....  I tried specifying the full path as shown below, but got this:

./pgp.sh: 2: /var/sl/password.txt: Permission denied
gpg: can't open `*.pgp'
gpg: decrypt_message failed: file open error



Checking permissions yields this:

-rw-r--r--  1 admin  admin    17 2010-03-27 15:23 password.txt
-rwxr-xr-x  1 admin  admin   268 2010-04-28 06:43 pgp.sh


#!/bin/sh
p=$("/var/sl/password.txt")
set -- $p
pass_phrase=$1
destination="/var/www/decrypted"
cd /var/sl/
for FILE in *.pgp;
do
    FILENAME=${FILE%.pgp}
    gpg --passphrase "$pass_phrase" --output "$destination/$FILENAME" --decrypt "$FILE"
    rm -f $FILE
done

Open in new window

0
n00b0101Author Commented:
(Oh, and yes, I changed the directory from d to decrypted)
0
woolmilkporcCommented:
OK,
you want to fill the variable "p" with the contents of "password.txt", so you must of course use the redirector "<", as in your original question -
p=$(<"/var/sl/password.txt")
btw. you can shorten this all to
set -- $(<"/var/sl/password.txt")
without using the intermediate variable "p".
If the password is indeed the only thing in password.txt (one word, without spaces!), you could even do
pass_phrase=$(<"/var/sl/password.txt")
With your script as posted, the *.pgp files must be in /var/sl, else the whole thing will not work. In other words, in your script "cd" to the directory actually containing the *.pgp files (line 6) before proceeding.
Done this, the script should work!
wmp

 
0
n00b0101Author Commented:
Bugger.  I changed the script to what's below.  This is the directory structure:

me@me-desktop:/var/sl$ pwd
/var/sl

me@me-desktop:/var/sl$ ls
drwxr-xr-x  3 me me  4096 2010-04-28 07:09 .
drwxr-xr-x 18 root root 4096 2010-04-18 08:06 ..
-rwxr-xr-x  1 me  me    96 2010-04-27 06:59 all.sh
-rw-r--r--  1 me  me    17 2010-03-27 15:23 password.txt
drwxr-xr-x  2 me  me  4096 2010-03-28 22:46 pgconfs
-rwxr-xr-x  1 me  me    68 2010-03-27 20:09 pgloader.sh
-rwxr-xr-x  1 me  me 271 2010-04-28 07:07 pgp.sh
-rw-r--r--  1 me  me  64008 2010-04-28 07:13 MID_20100307_1.txt.pgp

But, running the script gives me this:

me@me-desktop:/var/sl$ ./pgp.sh

You need a passphrase to unlock the secret key for
user: "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
2048-bit RSA key, ID XXXXXXX, created 2010-03-10 (main key ID XXXXXXX)

gpg: gpg-agent is not available in this session
gpg: encrypted with ELG-E key, ID XXXXXXXX
gpg: encrypted with 2048-bit RSA key, ID XXXXXXXX, created 2010-03-10
      "XXXXXXXXXXXXXXXXXXXXXXX"
gpg: public key decryption failed: bad passphrase
gpg: decryption failed: secret key not available






#!/bin/sh
pass_phrase=$(<"/var/sl/password.txt")
destination="/var/www/decrypted"
cd /var/sl/
for FILE in *.pgp;
do
    FILENAME=${FILE%.pgp}
    gpg --passphrase "$pass_phrase" --output "$destination/$FILENAME" --decrypt "$FILE"
    rm -f $FILE
done

Open in new window

0
woolmilkporcCommented:
So you're actually trying to decrypt only MID_20100307_1.txt.pgp I assume?
If so, no problem.
We need some debugging of this "passphrase" thing.
Please modify your script this way and post the output -
#!/bin/sh
pass_phrase=$(<"/var/sl/password.txt")
echo pass_phrase: $pass_phrase
destination="/var/www/decrypted"
cd /var/sl/
for FILE in *.pgp;
 do
  FILENAME=${FILE%.pgp}
  echo FILE: $FILE   FILENAME: $FILENAME
 echo gpg --passphrase "$pass_phrase" --output "$destination/$FILENAME" --decrypt "$FILE"
 echo rm -f $FILE
done  
Please obfuscate your passphrase before posting - but nothing else, please!
wmp
 
0
n00b0101Author Commented:
Ok.... (There is just one pgp file that happens to be in there right now as a test.  There will actually be between 4 and 7 .pgp) Note that I didn't remove pass_phrase, it simply didn't output anything...





pass_phrase:
FILE: MID_20100307_1.txt.pgp FILENAME: MID_20100307_1.txt
gpg --passphrase  --output /var/www/decrypted/MID_20100307_1.txt --decrypt MID_20100307_1.txt.pgp
rm -f MID_20100307_1.txt.pgp

Open in new window

0
woolmilkporcCommented:
Ok, so please examine /var/sl/password.txt. What's in there?
When you do (at the shell prompt)
cat /var/sl/password.txt
or
pass_phrase=$(<"/var/sl/password.txt")
echo xxx_${pass_phrase}_xxx
what do you see?
0
n00b0101Author Commented:
The password. (Below, I've replaced numbers with #, capital letters with X, lowercase letters with x)

me@me-desktop:/var/sl_bin$ cat /var/sl_bin/pass.txt
##xxxxXXXxxXxxXX


0
n00b0101Author Commented:
(And yes, I moved sl to sl_bin and reran through all of the suggestions using this path... just to see...)
0
woolmilkporcCommented:
And this
pass_phrase=$(<"/var/sl_bin/pass.txt")
echo xxx_${pass_phrase}_xxx  
?
0
n00b0101Author Commented:
Sorry, yes... that yields this:

passphrase:
xxx__xxx
FILE: MID_20100307_1.txt.pgp FILENAME: MID_20100307_1.txt
gpg --passphrase  --output /var/www/decrypted/MID_20100307_1.txt --decrypt MID_20100307_1.txt.pgp
rm -f MID_20100307_1.txt.pgp

Open in new window

0
woolmilkporcCommented:
That's just too strange. There must be something weird in your pass.txt file.

I'd suggest to either

- deleting (or renaming) it and writing it new, taking care that indeed only the password is entered and absolutely nothing else.

or

- trying it the old-fashioned, pedestrian and exhaustive way

pass_phrase=$(cat "/var/sl_bin/pass.txt" | head -1 | cut -f1 -d" ")
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
n00b0101Author Commented:
Well.... the pedestrian way worked.... So, thanks!  I'm wondering if there's something that prevents it from reading in a plain text password?  I don't know....  Anyway, thanks.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Shell Scripting

From novice to tech pro — start learning today.