97 lines
3.3 KiB
Bash
Executable File
97 lines
3.3 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# NVIDIA script to encrypt and store user entered password that will be
|
|
# used by vGPU licensing service for proxy server authentication
|
|
#
|
|
# Copyright (c) 2023 NVIDIA Corporation
|
|
#
|
|
# All rights reserved. All information contained herein is proprietary and
|
|
# confidential to NVIDIA Corporation. Any use, reproduction, or disclosure
|
|
# without the written permission of NVIDIA Corporation is prohibited.
|
|
#
|
|
##############################################################################
|
|
# To connect to authenticated proxy server using Basic, NTLM
|
|
# authentication, proxy credentials are required for vGPU licensing
|
|
# service. This is helper script to encrypt user entered password and
|
|
# save the encrypted content in a file.
|
|
##############################################################################
|
|
|
|
print_help()
|
|
{
|
|
echo ""
|
|
echo "usage: $(basename "$0") [ OPTIONS ]";
|
|
echo ""
|
|
echo " OPTIONS:";
|
|
echo ""
|
|
echo " -o --out [file]"
|
|
echo " Output credentials file."
|
|
echo " Example: --out /etc/nvidia/gridd-proxy-credentials.dat"
|
|
echo ""
|
|
echo " -h, --help"
|
|
echo " Print help and exit."
|
|
echo ""
|
|
}
|
|
|
|
cred_file=
|
|
|
|
# parse the command line
|
|
while [ "$1" ]; do
|
|
case $1 in
|
|
"-o"|"--out") cred_file=$2; shift;;
|
|
"-h"|"--help" ) print_help; exit 1;;
|
|
*) echo "Unrecognized option '$1'"; print_help; exit 1;;
|
|
esac
|
|
shift
|
|
done
|
|
|
|
if [ -z "${cred_file}" ]; then
|
|
echo "ERROR: No valid input provided for --out"
|
|
print_help;
|
|
exit 1
|
|
fi
|
|
|
|
# Check if output parent directory exists
|
|
parentDir="$(dirname "$cred_file")"
|
|
if [ ! -d "$parentDir" ]; then
|
|
echo "ERROR: $parentDir: No such directory"
|
|
exit 1
|
|
fi
|
|
|
|
# Check if OpenSSL library is installed, which is a prerequisite to run this script.
|
|
if ! command -v openssl &> /dev/null
|
|
then
|
|
echo "Error: You need to install OpenSSL to run this script."
|
|
exit 1
|
|
fi
|
|
|
|
# Prompt for password and encrypt it
|
|
cred_file_temp="${cred_file}.tmp"
|
|
public_key_file="${cred_file}.pubkey"
|
|
cat << EOF > "$public_key_file"
|
|
-----BEGIN PUBLIC KEY-----
|
|
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAu21HUkdwo5w6G5xRcE9u
|
|
X2kIGJBx/Hr89q6F9i77cuaIWkeGWbghp0iC5+vDUZm2m0uWhC3cVfqJCp4j//qn
|
|
agZfBoFFBzFqqd3c69bvugwNZJ6dR2wD1dBrXrNq0+Vu/B6WjLN7Ord6BrMzDrD1
|
|
fy7+Mw0fM4KC1tWKPS5PwRYD5d5j5Z03oqdAhz34X1AzN3VZQ7Ko6PlTdV3+EVHH
|
|
j6lUlLv4lrRwhi96DwAz73i+3OagxMPr8LGh6AEeKKlwebPeW6oj8iYZ/pVlgz/Z
|
|
wmRjM1eRcoC6ao/pXYAo8/zeipdhrY9zbL2F3Z9ogG1xhDElktWy5Map7vSm0Kx+
|
|
0U0Phu6nTO7EZJ/96lwZ6EZCAXjV8JWxCmZeAj6tEpyjk/a3ezaHc8FhqNjP+Ypl
|
|
dkI7fm/ByF2C9IFyNABCVpjDiEbDGJJ8z3HWgP26QJRj2FtGtub4mt2NsKACnQe7
|
|
teaBDw6o+eFHLSNz3zYaBVwX4tQ9WsHV03gZPzeqGWAwu7brLZcmN+Zs5Es4XWis
|
|
NQ2yLFaEHLmdQ1kgwHF5NmNc9paWbIGD67OxLiQ2MnXcgmYzIB2RfhCo2WZI3R4G
|
|
CFdQL8nPNiadt0ju8mtcNA+OM8rwi23u6sk0bGHvyJncYLjd7Eiwmf+NCo7rEbRM
|
|
JsrQ3mfxJgu1lbHg+F6z0JkCAwEAAQ==
|
|
-----END PUBLIC KEY-----
|
|
EOF
|
|
|
|
read -s -r -p "Enter Password:" password
|
|
echo -n "$password" | openssl pkeyutl -encrypt -inkey "$public_key_file" -pubin -pkeyopt rsa_padding_mode:oaep -out "$cred_file_temp"
|
|
|
|
# Base64 encode the encrypted password
|
|
base64 -w 0 < "$cred_file_temp" > "$cred_file"
|
|
rm "$public_key_file"
|
|
rm "$cred_file_temp"
|
|
chmod 640 "$cred_file"
|
|
|
|
echo -e "\nEncrypted credentials file path: $cred_file"
|