Implement responses to a script run from a bash script?

D

Denis Shavaleev2020-09-28 08:32:32

bash

Denis Shavaleev, 2020-09-28 08:32:32

Deployed an openvpn server, automated the process of assembling the config and dependent keys and certificates created for the client with packaging in an archive on a network storage for certificates (admins and a bot have access to the storage). There was such a question, when creating a certificate and a client key, easy-rsa scripts are launched, where you need confirmation "yes", a request to enter a name (in fact, you can enter), and the final request is a password from the authorization service (ca.crt). The question actually is, how to send answers to them automatically when you run these easy-rsa scripts? The client's name is entered into the created variable. I tried to use echo, but the script sends the command data after the easy-rsa scripts have been processed. Can anyone help? I will be grateful.

I did as in the answer below, maybe it will help someone:

dir=/usr/share/easy-rsa/3
cd $dir
. ./vars
./easyrsa --batch gen-req $client nopass

expect << EOF
        spawn ./easyrsa --batch sign-req client $client
        expect "*ca.key:" {send "PASSWORD\r"}
        expect eof
EOF

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Dmitry, 2020-09-28
@Shavaleev_DieZ

certificates for openvpn can be generated in a fully automatic mode.
for this, pkitool (this is the script that generates them) needs to have --batch , and if you need certificates to be closed with a password (and passwords need to be generated automatically), you will have to slightly finish the --pass option
openssl can accept a password from a text file.
something like this in the config

-passout file:/etc/openvpn/easy-rsa/keys/password.txt

A

AVKor, 2020-09-28
@AVKor

Regardless of the specific situation: you can automate the input to requests with a command yes(see here ), and also use expect (for example, 1 , 2 ).
Useful for the future.