-
Notifications
You must be signed in to change notification settings - Fork 1
crypt
The "crypt" command is used to add encrypted passwords to user and target export files. It has six modes of operation..
tbutil crypt
This is the tool's interactive mode. It presents the following menu...
c: create key file
d: delete key file
t: add password to 'target' json file
u: add password to 'user' json file
q: quit
These actions are the same as those listed below for the CLI syntaxes, except that the file names are requested interactively rather than being specified on te command line.
tbutil crypt -create-key
The -create-key option is used to create the random encryption key file used by -target, -user and -encode. The key must exist before those commands can be used. The key is stored in the file $HOME/.tbutilkey.
Note 1: If this file is deleted or changed then tbutil will no longer be able to import the users and targets who's passwords have been stored in the export files.
Note 2: If you wish to copy the import files over to another system and import them by running "tbutil import ..." there, you should also copy the .tbutilkey file over.
Note 3: This command is normally run by the tbutil install program so you will not normally need to run it yourself.
tbutil crypt -delete-key
The -delete-key option can be used to delete the key file created with -create-key.
Note: This will effectively invalidate any user or target export files who's passwords have been written using the now-deleted key.
tbutil crypt -proxy {http_proxy_file}
The -proxy option adds the encrypted password to a proxy export file created with "[[export http proxy config|export-http-proxy-config]] so that it can be used with [[import http proxy config|import-http-proxy-config]]".
Note: The command is interactive and asks for the password from the user but hides what is typed. It also accepts the password from an "input redirect" file, in which case the prompts are not displayed.
tbutil crypt -target {target_file}
The -target option adds the encrypted fields (passwords etc) to a target export file created with "[[export target|export-target]]. Note that this **must** be done before the file can used by [[import target|import-target]]".
Note: The command is interactive and asks for the passwords etc from the user but hides what is typed. It also accepts the answers to its questions from an "input redirect" file, in which case the prompts are not displayed.
tbutil crypt -user {user_file}
The -user option adds the encrypted password to a user export file created with "[[export user|export-user]]. Note that this **must** be done before the file can used by [[import user|import-user]]".
Note: The command is interactive and asks for the password from the user but hides what is typed. It also accepts the password from an "input redirect" file, in which case the prompts are not displayed.
tbutil crypt -encode {clear_text}]
The -encode option prints the encoded version of the supplied clear-text password. This is useful for scripts that create import files and need to patch the passwords directly.
See also: "export target", "import target", "import targets", "export user", "import user", "import users",
NB: This WIKI is a work in progress and is known to be incomplete and inaccurate in places as it stands.
Starting points
Popular pages