-
Notifications
You must be signed in to change notification settings - Fork 14
/
jamfCredEncypter.command
executable file
·50 lines (39 loc) · 1.59 KB
/
jamfCredEncypter.command
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#!/bin/bash
# Use 'openssl' to create an encrypted string for script parameters
# obscure creds from jamf console when passing account credentials from the JSS to a client
#
# based on jamfIT's script - https://github.com/jamfit/Encrypted-Script-Parameters
# but easier and more reusable
# lach
clear
read -p "username: " username
read -s -p "password: " password
echo
read -p "salt (or blank to gen): " SALT
read -p "key (or blank to gen): " KEY
# Usage ~$ GenerateEncryptedString "String"
[ -z ${SALT} ] && SALT=$(openssl rand -hex 8)
[ -z ${KEY} ] && KEY=$(openssl rand -hex 12)
username_enc=$(echo "${username}" | openssl enc -aes256 -a -A -S "${SALT}" -k "${KEY}")
password_enc=$(echo "${password}" | openssl enc -aes256 -a -A -S "${SALT}" -k "${KEY}")
clear
echo '
--- pass these encrypted creds to your script from the jamf policy ---
username_enc: '${username_enc}'
password_enc: '${password_enc}'
-----------------8<----- add this to your jamf script -----8<-------------------
################################################################################
#
# decrypt credentials - jamfCredEncrypter.sh
#
################################################################################
username_enc="${4}"
password_enc="${5}"
salt="'${SALT}'"
key="'${KEY}'"
username=$(echo "${username_enc}" | openssl enc -aes256 -d -a -A -S "${salt}" -k "${key}")
password=$(echo "${password_enc}" | openssl enc -aes256 -d -a -A -S "${salt}" -k "${key}")
################################################################################
-----------------8<----- add this to your jamf script -----8<-------------------
'
exit