or you could have an expect process inside your firewall monitoring the
webserver and on detecting a problem, it would do an ssh logon to the
webserver, su, and do the password stuff as below, logoff... continue
monitoring...
ps... no code yet ;-)
cheers,
Sean
[EMAIL PROTECTED]
System Administrator wrote:
>
> OK I know this is defeats the purpose of having a password protected
> certificate, but this will do what you want. Get a program called
> "expect".....here's the expect script that does exactly what you want....
> albiet its for apache 1.2.6
>
> -- Cut Here --
> #!/usr/local/bin/expect --
>
> # Expect has to be at least version 5.0, which is ancient!
> exp_version -exit 5.0
>
> # The passphrase is going to be the pword variable
> set pword "THE_PASSPHRASE"
>
> # Duh, make it big for the hell of it
> set timeout 60
>
> # Just for the hell of it
> spawn /usr/bin/kill -TERM `/usr/bin/cat /var/httpd/logs/httpd.pid`
>
> # Run the secure version of apache
> spawn /usr/local/apache/bin/httpsd -f /etc/httpd.conf
>
> # Apache will say something like "Enter passphrase:", so lets wait till it
> says Enter
> expect "Enter"
>
> # Tell it our passphrase
> send "$pword\r"
>
> # Because I'm patient
> sleep 1
>
> # If you have more than one passphrase you want to bypass, just uncomment
> these and
> # if the password is different, create a new variable on top, easy enough..
> #expect "Enter"
> #send "$pword\r"
> #sleep 1
>
> -- Stop Here - EOF --
>
> You can put this in your rc files so it does this at bootup.......in solaris
> you can put it in /etc/rc2
>
> Sidenote : If you want it to be a little more secure than the above (having
> the password in plaintext, you can do a "man libexpect" and see how to code
> a C program using expect)
>
> ----- Original Message -----
> From: <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, June 30, 1999 8:43 AM
> Subject: Removing passphrase at boot
>
> > Hello all,
> > I know this has been covered before and is documented but we are having
> power
> > problems and I don't have any power on my computer where all this info is
> stored
> > so I apologize for the repeat.
> > We have recieved a cert from Verisign. We need to remove the passphrase
> so that
> > if we remotely reboot the machine it will not sit and wait for the phrase
> before
> > finishing the boot process.
> > How would I go about doing this?
> > Thanks,
> > John
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
