As @Graeme said HERE
I can do with heredoc like so:
I have to add -passout stdin
for openssl to read from stdin.
cd /etc/postfix/ssl/ && openssl genrsa -passout stdin -des3 -rand /etc/hosts -out smtpd.key 1024 <<PASS
password
PASSW
문제
I have the following command but it doesn't work for me...
cd /etc/postfix/ssl/ && openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024 <<PASS
password
password
PASS
UPDATE:
The output is:
109 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
...............................++++++
...........++++++
e is 65537 (0x10001)
Enter pass phrase for smtpd.key:
It should auto answer the question and put password automaticaly.
I always use HEREDOC
for automating my Q&A on bash and work fine...
What is the problem here?
해결책 2
As @Graeme said HERE
I can do with heredoc like so:
I have to add -passout stdin
for openssl to read from stdin.
cd /etc/postfix/ssl/ && openssl genrsa -passout stdin -des3 -rand /etc/hosts -out smtpd.key 1024 <<PASS
password
PASSW
다른 팁
OpenSSL (and OpenSSH) takes measures to read the password directly from the terminal, rather than from stdin, as a security measure.
However there are a load of ways to supply passwords to OpenSSL. Check man openssl
for the section PASS PHRASE ARGUMENTS
.
So you could do:
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024 -passout "pass:mypassword"
... but per the manpage: "Since the password is visible to utilities (like 'ps' under Unix) this form should only be used where security is not important"
Or you could do:
printf '%s\n' "$PASS" | {
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024 -passout fd:3
} 3<&0
... which is supposedly more secure than other options because the password won't show up in ps.