@GeoffWilliams
Created April 12, 2015 16:03

Revisions

  1. GeoffWilliams created this gist Apr 12, 2015.
    20 changes: 20 additions & 0 deletions check_csr.sh
    @@ -0,0 +1,20 @@
    #!/bin/bash
    # define the shared secret we will accept to authenticate identity
    SHARED_SECRET="your the best"

    # capture the certname (hostname) used for the request
    CERT_NAME=$1

    # feed STDIN (file descriptor 0) to the openssl command and pipe
    # the output to grep to get the sharedSecret supplied by the agent
    # capturing the value in a variable called AGENT_SECRET
    AGENT_SECRET=$(openssl req -noout -text <&0 | awk -F ":" '/challengePassword/ { gsub(/\n$/, "", $2) ; print $2 }')

    if [ "$AGENT_SECRET" == "$SHARED_SECRET" ] ; then
    STATUS=0
    echo "authorised agent: ${CERT_NAME}"
    else
    STATUS=1
    echo "***!ALERT!*** incorrect or missing shared secret from ${CERT_NAME}"
    fi
    exit $STATUS
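
Review bot: SHARED_SECRET="your the best" is hardcoded at the top of check_csr.sh, so anyone who can read the script or this gist learns the value that authorises a certificate request; load it from a file readable only by the user that runs the script, and fail closed if that file is missing or empty. In the AGENT_SECRET line, `awk -F ":"` prints only `$2`, so a challengePassword containing a colon is truncated before the comparison, and `gsub(/\n$/, "", $2)` has no effect because awk has already stripped the record separator; stripping everything up to the first colon and comparing the remainder would match the full value. The comments above that line say the output is piped to grep, but the command uses awk, so the comment should be updated to match.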