How to customize and extend your OpenVPN installation.
Moderators: TinCanTech
by bencori » Tue Nov 08, 2011 7:15 pm
Hello.
I have written a shell script which is able to generate a new user for OpenVPN. It works great, though it doesn't support passwords. This is what I'm having trouble with.
Because I don't know how to enter the passwords automatically. I have been using the --batch argument but being fairly new to shell developing I don't find the right syntax to achieve this.
Code:
# Changing
./build-key --batch "$usname"
# to
./build-key-pass --batch "$usname"
# But then how do I enter the password using the script?
# This is what I have tried:
echo "$pass/n$pass/n" | ./build-key-pass --batch "$usname"
# I have also tried using expect but it still stops the script and prompts for the password
# I guess some of you achieved this before, any help?
# thanks
by janjust » Wed Nov 09, 2011 7:14 am
'build-key-pass' uses the 'pkitool' script (part of easy-rsa as well) which in turn uses the 'openssl rsa' and 'openssl ca' commands to generate and sign the certificate. You'd need to modify the 'pkitool' command to allow it to pass the password via a file or stdin; the line to modify is (most likely)
Code:
( [ $DO_REQ -eq 0 ] || $OPENSSL req $BATCH -days $KEY_EXPIRE $NODES_REQ -new -newkey rsa:$KEY_SIZE \
-keyout "$FN.key" -out "$FN.csr" $REQ_EXT -config "$KEY_CONFIG" $PKCS11_ARGS ) && \
Add something like
to have it read the password from stdin; see 'man openssl' for details on the 'passin' option
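An added example, not part of the thread or of easy-rsa: a standalone sketch of the same kind of `openssl req` call that pkitool makes, with the passphrase supplied non-interactively through one of openssl's documented pass-phrase sources (`-passout stdin`, fed from a file). The function names, the `/CN=` subject and the 2048-bit key size are assumptions for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names; not pkitool code).
# Generates a passphrase-protected RSA key and a CSR without any prompt.
# The passphrase is read from a file on stdin rather than given as
# "pass:..." on the command line, where it would show up in process
# listings and shell history.

# make_user_key USER PASSFILE OUTDIR
make_user_key() {
    user=$1 passfile=$2 outdir=$3
    # Refuse names that could leave OUTDIR or be parsed as an option.
    case $user in
        ''|-*|*[!A-Za-z0-9._-]*)
            echo "make_user_key: invalid user name" >&2
            return 2 ;;
    esac
    # An empty passphrase source would make openssl fail or fall back.
    [ -s "$passfile" ] || {
        echo "make_user_key: passphrase file missing or empty" >&2
        return 2
    }
    (
        umask 077   # key and CSR are created readable by the owner only
        openssl req -batch -new -newkey rsa:2048 \
            -subj "/CN=$user" \
            -keyout "$outdir/$user.key" -out "$outdir/$user.csr" \
            -passout stdin < "$passfile"
    )
}

# key_opens_with KEYFILE PASSFILE
# Succeeds only if KEYFILE can be loaded using the passphrase in PASSFILE.
key_opens_with() {
    openssl pkey -in "$1" -noout -passin stdin < "$2" 2>/dev/null
}

# Stand-alone use: sh script.sh USER PASSFILE  (writes into ./keys)
if [ "$#" -eq 2 ]; then
    mkdir -p keys && make_user_key "$1" "$2" keys
fi
```

The passphrase file itself should be created with mode 0600 and deleted once the key has been handed to the user.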
by bencori » Wed Nov 09, 2011 5:59 pm
Oh ok. I was looking for an "easier" way (as in not modifying existing material). I thought it could be done using a specific syntax. Anyway, I'll look into this, thank you very much !