First Push
This commit is contained in:
96
NVIDIA-Linux-x86_64-535.161.07-grid/grid-proxy-credentials.sh
Executable file
96
NVIDIA-Linux-x86_64-535.161.07-grid/grid-proxy-credentials.sh
Executable file
@@ -0,0 +1,96 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# NVIDIA script to encrypt and store user entered password that will be
|
||||
# used by vGPU licensing service for proxy server authentication
|
||||
#
|
||||
# Copyright (c) 2023 NVIDIA Corporation
|
||||
#
|
||||
# All rights reserved. All information contained herein is proprietary and
|
||||
# confidential to NVIDIA Corporation. Any use, reproduction, or disclosure
|
||||
# without the written permission of NVIDIA Corporation is prohibited.
|
||||
#
|
||||
##############################################################################
|
||||
# To connect to authenticated proxy server using Basic, NTLM
|
||||
# authentication, proxy credentials are required for vGPU licensing
|
||||
# service. This is helper script to encrypt user entered password and
|
||||
# save the encrypted content in a file.
|
||||
##############################################################################
|
||||
|
||||
print_help()
|
||||
{
|
||||
echo ""
|
||||
echo "usage: $(basename "$0") [ OPTIONS ]";
|
||||
echo ""
|
||||
echo " OPTIONS:";
|
||||
echo ""
|
||||
echo " -o --out [file]"
|
||||
echo " Output credentials file."
|
||||
echo " Example: --out /etc/nvidia/gridd-proxy-credentials.dat"
|
||||
echo ""
|
||||
echo " -h, --help"
|
||||
echo " Print help and exit."
|
||||
echo ""
|
||||
}
|
||||
|
||||
cred_file=
|
||||
|
||||
# parse the command line
|
||||
while [ "$1" ]; do
|
||||
case $1 in
|
||||
"-o"|"--out") cred_file=$2; shift;;
|
||||
"-h"|"--help" ) print_help; exit 1;;
|
||||
*) echo "Unrecognized option '$1'"; print_help; exit 1;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
if [ -z "${cred_file}" ]; then
|
||||
echo "ERROR: No valid input provided for --out"
|
||||
print_help;
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if output parent directory exists
|
||||
parentDir="$(dirname "$cred_file")"
|
||||
if [ ! -d "$parentDir" ]; then
|
||||
echo "ERROR: $parentDir: No such directory"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if OpenSSL library is installed, which is a prerequisite to run this script.
|
||||
if ! command -v openssl &> /dev/null
|
||||
then
|
||||
echo "Error: You need to install OpenSSL to run this script."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Prompt for password and encrypt it
|
||||
cred_file_temp="${cred_file}.tmp"
|
||||
public_key_file="${cred_file}.pubkey"
|
||||
cat << EOF > "$public_key_file"
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu21HUkdwo5w6G5xRcE9u
|
||||
X2kIGJBx/Hr89q6F9i77cuaIWkeGWbghp0iC5+vDUZm2m0uWhC3cVfqJCp4j//qn
|
||||
agZfBoFFBzFqqd3c69bvugwNZJ6dR2wD1dBrXrNq0+Vu/B6WjLN7Ord6BrMzDrD1
|
||||
fy7+Mw0fM4KC1tWKPS5PwRYD5d5j5Z03oqdAhz34X1AzN3VZQ7Ko6PlTdV3+EVHH
|
||||
j6lUlLv4lrRwhi96DwAz73i+3OagxMPr8LGh6AEeKKlwebPeW6oj8iYZ/pVlgz/Z
|
||||
wmRjM1eRcoC6ao/pXYAo8/zeipdhrY9zbL2F3Z9ogG1xhDElktWy5Map7vSm0Kx+
|
||||
0U0Phu6nTO7EZJ/96lwZ6EZCAXjV8JWxCmZeAj6tEpyjk/a3ezaHc8FhqNjP+Ypl
|
||||
dkI7fm/ByF2C9IFyNABCVpjDiEbDGJJ8z3HWgP26QJRj2FtGtub4mt2NsKACnQe7
|
||||
teaBDw6o+eFHLSNz3zYaBVwX4tQ9WsHV03gZPzeqGWAwu7brLZcmN+Zs5Es4XWis
|
||||
NQ2yLFaEHLmdQ1kgwHF5NmNc9paWbIGD67OxLiQ2MnXcgmYzIB2RfhCo2WZI3R4G
|
||||
CFdQL8nPNiadt0ju8mtcNA+OM8rwi23u6sk0bGHvyJncYLjd7Eiwmf+NCo7rEbRM
|
||||
JsrQ3mfxJgu1lbHg+F6z0JkCAwEAAQ==
|
||||
-----END PUBLIC KEY-----
|
||||
EOF
|
||||
|
||||
read -s -r -p "Enter Password:" password
|
||||
echo -n "$password" | openssl pkeyutl -encrypt -inkey "$public_key_file" -pubin -pkeyopt rsa_padding_mode:oaep -out "$cred_file_temp"
|
||||
|
||||
# Base64 encode the encrypted password
|
||||
base64 -w 0 < "$cred_file_temp" > "$cred_file"
|
||||
rm "$public_key_file"
|
||||
rm "$cred_file_temp"
|
||||
chmod 640 "$cred_file"
|
||||
|
||||
echo -e "\nEncrypted credentials file path: $cred_file"
|
||||
Reference in New Issue
Block a user