qwertyjjj |
01-10-2010 04:30 AM |
Ok, my script now looks like this:
Quote:
#!/bin/bash
emailadd="aaa@gmail.com"
usern="aaa"
#echo $mydate
cd /etc/openvpn/
cd /etc/openvpn/easy-rsa/2.0/
source ./vars
./build-key $usern < /usr/local/sbin/myscripts/vpn_responses1.exp
cd keys/
zip $usern.zip ca.crt ca.key $usern.crt $usern.csr $usern.key client.ovpn
nail -r aaa@aaa.co.uk -s "VPN Keys" -a $usern.zip $emailadd < /usr/local/sbin/myscripts/vpn_responses2.exp
|
Almost there but it seems autoexpect doesn't record the entries correctly:
Quote:
[root@server88-xxx-xxx-198 myscripts]# /usr/local/sbin/myscripts/send_vpn_keys.sh
NOTE: If you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/2.0/keys
Generating a 1024 bit RSA private key
.............................................++++++
...............++++++
writing new private key to 'aaa.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too short, it needs to be at least 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too short, it needs to be at least 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too short, it needs to be at least 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:string is too long, it needs to be less than 2 bytes long
Country Name (2 letter code) [GB]:State or Province Name (full name) [LND]:Locality Name (eg, city) [LONDON]:Organization Name (eg, company) [aaa]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) [aaa]:Email Address [aaa@aaa.co.uk]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:string is too long, it needs to be less than 20 bytes long
A challenge password []:string is too short, it needs to be at least 4 bytes long
A challenge password []:string is too short, it needs to be at least 4 bytes long
A challenge password []:An optional company name []:Using configuration from /etc/openvpn/easy-rsa/2.0/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'GB'
stateOrProvinceName :T61STRING:'set force_conservative 0 ;# set to 1 to force conservative mode even if'
localityName :T61STRING:'^I^I^I ;# script wasn't run conservatively originally'
organizationName :T61STRING:'if {$force_conservative} {'
organizationalUnitName:T61STRING:'^Iset send_slow {1 .1}'
commonName :T61STRING:'^Iproc send {ignore arg} {'
emailAddress :IA5STRING:'^I^Isleep .1'
Certificate is to be certified until Jan 8 10:29:03 2020 GMT (3650 days)
Sign the certificate? [y/n]:CERTIFICATE WILL NOT BE CERTIFIED
updating: ca.crt (deflated 38%)
updating: ca.key (deflated 22%)
updating: aaa.crt (stored 0%)
updating: aaa.csr (deflated 26%)
updating: aaa.key (deflated 22%)
updating: client.ovpn (deflated 54%)
[root@server88-xxx-xxx-198 myscripts]#
|
This is the expect file:
Quote:
#!/usr/bin/expect -f
set force_conservative 0 ;# set to 1 to force conservative mode even if
;# script wasn't run conservatively originally
if {$force_conservative} {
set send_slow {1 .1}
proc send {ignore arg} {
sleep .1
exp_send -s -- $arg
}
}
set timeout -1
#spawn ./build-key aaa
match_max 100000
expect -exact "Generating a 1024 bit RSA private key\r
........++++++\r
....................................................++++++\r
writing new private key to 'aaa.key'\r
-----\r
You are about to be asked to enter information that will be incorporated\r
into your certificate request.\r
What you are about to enter is what is called a Distinguished Name or a DN.\r
There are quite a few fields but you can leave some blank\r
For some fields there will be a default value,\r
If you enter '.', the field will be left blank.\r
-----\r
Country Name (2 letter code) \[GB\]:"
send -- "\r"
expect -exact "\r
State or Province Name (full name) \[LND\]:"
send -- "\r"
expect -exact "\r
Locality Name (eg, city) \[LONDON\]:"
send -- "\r"
expect -exact "\r
Organization Name (eg, company) \[aaa\]:"
send -- "\r"
expect -exact "\r
Organizational Unit Name (eg, section) \[\]:"
send -- "\r"
expect -exact "\r
Common Name (eg, your name or your server's hostname) \[aaa\]:"
send -- "\r"
expect -exact "\r
Email Address \[aaa@aaa.co.uk\]:"
send -- "\r"
expect -exact "\r
\r
Please enter the following 'extra' attributes\r
to be sent with your certificate request\r
A challenge password \[\]:"
send -- "\r"
expect -exact "\r
An optional company name \[\]:"
send -- "\r"
expect -exact "\r
Using configuration from /etc/openvpn/easy-rsa/2.0/openssl.cnf\r
Check that the request matches the signature\r
Signature ok\r
The Subject's Distinguished Name is as follows\r
countryName :PRINTABLE:'GB'\r
stateOrProvinceName :PRINTABLE:'LND'\r
localityName :PRINTABLE:'LONDON'\r
organizationName :PRINTABLE:'aaa'\r
commonName :PRINTABLE:'aaa'\r
emailAddress :IA5STRING:'aaa@aaa.co.uk'\r
Certificate is to be certified until Jan 8 10:21:56 2020 GMT (3650 days)\r
Sign the certificate? \[y/n\]:"
send -- "y\r"
expect -exact "y\r
\r
\r
1 out of 1 certificate requests certified, commit? \[y/n\]"
send -- "y\r"
expect eof
|
|