下面是小编给大家整理的linux shell自动创建ca证书脚本linux操作系统,本文共3篇,欢迎大家借鉴与参考,希望对大家有所帮助。
篇1:linux shell自动创建ca证书脚本linux操作系统
在linux下创建证书大概是大多数人很头疼的事情,今天我在网上搜到个不错的shell自动创建ca证书的脚本,来分享给大家.
脚本内容:
代码如下复制代码#!/bin/bash
# Author: MOS
# Script. name: mos_ca.sh
# Date & Time: -01-06/23:05:35
# Version: 1.0.2
# Description:
#
[ -f /etc/sysconfig/mos_ca.conf ] && . /etc/sysconfig/mos_ca.conf
Config{
Cnf=${Cnf:-/etc/pki/tls/openssl.cnf}
cp $Cnf $Cnf.`date +%F-%T`.bak
Dir=${Dir:-/etc/pki/CA/}
Cny=${Cny:-CN}
Pve=${Pve:-Henan}
Cty=${Cty:-Zhengzhou}
Bis=${Bis:-Youguess}
Bnh=${Bnh:-Tech}
PN=`grep “stateOrProvinceName_default.*=[[:space:]].*” /etc/pki/tls/openssl.cnf|cut -d“t” -f1`
sed -i “s@(^dir.*=[[:space:]]).*@1$Dir@g” $Cnf
sed -i “s@(^countryName_default.*=[[:space:]]).*@1$Cny@g” $Cnf
if [ $OPN = s ];then
sed -i “s@(^stateOrProvinceName_default.*=[[:space:]]).*@1$Pve@g” $Cnf
else
sed -i “s@^#(stateOrProvinceName_default.*=[[:space:]]).*@1$Pve@g” $Cnf
fi
sed -i “s@(^localityName_default.*=[[:space:]]).*@1$Cty@g” $Cnf
sed -i “s@(^0.organizationName_default.*=[[:space:]]).*@1$Bis@g” $Cnf
sed -i “s@^#(organizationalUnitName_default([[:space:]])=)@1 $Bnh@g” $Cnf
}
Create_CA(){
Dir=${Dir:-/etc/pki/CA/}
[ ! -d ${Dir}crl ] && mkdir -pm 700 ${Dir}crl
[ ! -d ${Dir}newcerts ] && mkdir -pm 700 ${Dir}newcerts
[ ! -d ${Dir}certs ] && mkdir -pm 700 ${Dir}certs
[ ! -f ${Dir}index.txt ] && touch ${Dir}index.txt
[ ! -f ${Dir}serial ] && echo 01 >${Dir}serial
[ ! -d ${Dir}private ] && mkdir -pm 700 ${Dir}private
(umask 077; openssl genrsa -out ${Dir}private/cakey.pem 2048 &>/dev/null )
#read -p “Please input CA hostname [default:ca.mos.com]: ” Host
Host=${Host:-ca.mos.com}
#read -p “Please input CA E-mail [default]:root@mos.com]: ” Em
Em=${Em:-root@mos.com}
echo -e “nnnnn${Host}n${Em}n”|openssl req -x509 -new -key ${Dir}private/cakey.pem -out ${Dir}cacert.pem -days 3650 &>/dev/null
}
Create(){
Dir=${Dir:-/etc/pki/CA/}
Date=`date +%F-%H:%M:%S`
[ ! -f /etc/pki/CA/private/cakey.pem ] && Create_CA && return 0
if [ -f /etc/pki/CA/private/cakey.pem ];then
read -p “CA existe,Continue? y: Move file; n->Quit. [y|n] ” Choice
if [[ “$Choice” == “y” ]];then
[ ! -d “$Dir”“$Date”tmp ] && mkdir -p “$Dir”“$Date”tmp
mv “$Dir”* “$Dir”“$Date”tmp/ &>/dev/null
Create_CA
elif [[ “$Choice” == “n” ]];then
exit 0
else
echo “Error input...”
exit 1
fi
fi
}
Create_crt(){
(umask 077;openssl genrsa 1024 >“$Ddir”“$Dname”.key) &>/dev/null
echo -e “nnnnn”$Dhost“n”$DE“nnn”|openssl req -new -key “$Ddir”“$Dname”.key -out “$Ddir”“$Dname”.csr &>/dev/null
[[ $Set != “-s” ]] && echo -e “ynyn”|openssl ca -in “$Ddir”“$Dname”.csr -out “$Ddir”“$Dname”.crt -days 365 &>/dev/null && exit 0
[[ $Set == “-s” ]] && exit 0
}
Demo_crt(){
Ddir=${Ddir:-/opt/mos_demo/}
Dname=${Dname:-demo}
Dhost=${Dhost:-demo.mos.com}
De=${De:-root@mos.com}
Date=`date +%F-%H:%M:%S`
[ ! -d $Ddir ] && mkdir -p $Ddir &>/dev/null
[[ ! -f “$Ddir”“$Dname”.key && ! -f “$Ddir”“$Dname”.csr ]] && Create_crt && exit 0
if [[ -f “$Ddir”“$Dname”.key || -f “$Ddir”“$Dname”.csr || -f “$Ddir”“$Dname”.crt ]];then
read -p “Demo certificate existe, Continue? y: Move file; n: Quit. [y|n] ” Cie
if [[ “$Cie” == “y” ]];then
[ ! -d “$Ddir”“$Date”tmp ] && mkdir -p “$Ddir”“$Date”tmp && mv “$Ddir”“$Dname”* “$Ddir”“$Date”tmp/ &>/dev/null
Create_crt
exit 0
elif [[ “$Cie” == “n” ]];then
exit 0
else
echo “Error input...”
fi
fi
}
Set=$1
if [[ $Set =~ (-n)|(-o)|(-s)|(CA) && -z $2 || -z $Set ]];then
[ -z $Set ] && Config && Create && Demo_crt && exit 0
[ $Set = -n ] && Demo_crt && exit 0
[ $Set = -s ] && Config && Demo_crt && exit 0
[ $Set = CA ] && Config && Create && exit 0
[ $Set = -o ] && echo -e “ynyn”|openssl ca -in “$Other”.csr -out “$Other”.crt -days 365 &>/dev/null
else
echo “Error,Invalid option!”
exit 1
fi
使用方法:
代码如下复制代码chmod +x mos_ca.sh./mos_ca.sh
篇2:linux自动检测磁盘空间脚本并自动报linux操作系统
本文章来给各位同学介绍一段关于linux自动检测磁盘空间脚本并自动报,两个实例大家需要加入计划任务中才可以哦,
闲来蛋痛写了一代码
例1
代码如下复制代码#!/bin/sh
MAX=99
LIST=$(df -h|awk '{print $5}'|sed 's/%//g'|sed '/[a-zA-Z]/d')
mailto=“135********@139.com”
subject=“$(hostname)'s partition alert”
content=“$(hostname)'s used detail:n $(df -h |awk '{print$6,$5}') ntime:$(date -d today +'%Y-%m-%d %H:%M:%S')”
for PERCENT in $LIST; do
if [ $PERCENT -gt $MAX ]; then
echo -e “MAX Used:$PERCENT%n$content” | mail -s “$subject” $mailto
exit
fi
done
exit
大家可自动加入定时任务中去执行了
例2(功能:监控磁盘空间大小并自动报)
代码如下复制代码#!/bin/sh
#make by itbit
init()
{
IPADD=`ifconfig|grep 172.18|awk '{print $2}'|sed 's/addr://g'`;
NOWTIME=`date +%F-%H:%M`;
MAILTO=“”;
MAIL_SUB=“ !**Report - Disk Capacity Report $NOWTIME **!”;
tmpfile=/tmp/iamatmpfile.tmp
}
mhead()
{
echo “” >$tmpfile;
echo “From :$IPADD” >>$tmpfile
echo “State :Report” >>$tmpfile
echo “ReportBy:$0” >>$tmpfile
echo “DateTime:$NOWTIME” >>$tmpfile
echo “Info :codfei” >>$tmpfile
echo “” >>$tmpfile;
}
smail()
{
mail -s “$MAIL_SUB” $MAILTO < $tmpfile
}
init;
for x in `df | grep /dev | awk '{print $5}' | sed 's/%//g'`
do
if [ $x -gt 89 ]; then
mhead;
df -h >>$tmpfile;
smail;
exit 0;
fi
done
篇3:Linux定时自动备份数据库并上传至FTP的脚本linux操作系统
本文章来给大家介绍一段Linux定时自动备份数据库并上传至FTP的脚本代码,有需要了解的朋友可进入参考,
适用于使用lnmp环境下定时自动备份网站和mysql数据库并上传至FTP:
代码如下复制代码•#!/bin/bash
•MYSQL_USER=root
•MYSQL_PASS=root
•FTP_USER=ftp
•FTP_PASS=123456
•FTP_IP=www.is36.com
•FTP_backup=/public_html/
•WEB_DATA=/home/wwwroot/
•
•DataBakName=Data_$(date +“%Y%m%d”).tar.gz
•WebBakName=Web_$(date +%Y%m%d).tar.gz
•OldData=Data_$(date -d -5day +“%Y%m%d”).tar.gz
•OldWeb=Web_$(date -d -5day +“%Y%m%d”).tar.gz
•rm -rf /home/backup/Data_$(date -d -3day +“%Y%m%d”).tar.gz /home/backup/Web_$(date -d -3day +“%Y%m%d”).tar.gz
•cd /home/backup
•for db in `/usr/local/mysql/bin/mysql -u$MYSQL_USER -p$MYSQL_PASS -B -N -e 'SHOW DATABASES' | xargs`; do
• (/usr/local/mysql/bin/mysqldump -u$MYSQL_USER -p$MYSQL_PASS ${db} | gzip -9 - >${db}.sql.gz)
•done
•tar zcfP /home/backup/$DataBakName /home/backup/*.sql.gz
•rm -rf /home/backup/*.sql.gz
•tar zcfP /home/backup/$WebBakName $WEB_DATA
•
•ftp -i -n << !
•open $FTP_IP
•user $FTP_USER $FTP_PASS
•bin
•lcd /home/backup/
•cd $FTP_backup
•delete $OldData
•delete $OldWeb
•put $DataBakName
•put $WebBakName
•bye
★服务器被DDOS攻击防御脚本总结Windows服务器操作系统
文档为doc格式