2

I'm trying to create a self-extracting encrypted archive. Here's code that doesn't work for me:

openssl enc -aes-256-cfb -salt -d -a | tar -x -j <<EOF
U2FsdGVkX19f7pGFSqDXJSREp/oDxJD0oii/FYvJlJpO8fB5ttZ/Qc8vSwIOS2y0
QUlWLocow4S1YWf86615Ji3n16RLvhOIRiy9S8DNGXl9C6ea1FYDdiuy2lA75lME
...
8yQIpRng/gXItWlaGJapqW9z2wx7y2im/lPGM8UrwZN9uY3DuRx3XbpMY5yuRWU0
oArQEvKxBAP/bB689j4P291Oauw1E8++na9phkEUXJY=
EOF

output:

enter aes-256-cfb decryption password:tar: Unrecognized archive format
tar: Error exit delayed from previous errors.

embedded base64 data should be decrypted using openssl and its output should be piped into tar. openssl should be able to ask user for a password. If I remove tar pipeline:

openssl enc -aes-256-cfb -salt -d -a >outfile <<EOF
...

then everything works fine. Therefore I assume that openssl can handle password prompt and input from the terminal without interfering with stdin/stdout (probably prompt goes into stderr and password reading is implemented using some tty magic).

I managed to solve this task with the following construction:

{ openssl enc -aes-256-cfb -salt -d -a | tar -x -j; } <<EOF
...

but I don't understand what's wrong with the first script.

Improve this question
0

1 Answer 1

Reset to default
1

end of here document should be in front (or back of) openssl.

what you did:

sed -e s/^/water/ | sed -e s/^/wine/ <<EOF
hello world
EOF

(and you need to ctrl-d here)

give :

winehello world

only second sed work (just wine, no water), what you must do :

sed -e s/^/water/  <<EOF | sed -e s/^/wine/
hello world
EOF

give :

winewaterhello world

as you see, hello world was turn into waterhello world, then winewaterhello world.

you should try 

openssl enc -aes-256-cfb -salt -d -a  <<EOF | tar -x -j
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.