I need to send a PEM-formatted certificate for storaging on a module that can be communicated with through the AT command set via a serial interface on one of Linux device nodes in /dev.
So far I've been using mostly
echo 'AT' > /dev/ttyX
to issue the necessary commands and it has done the trick just fine.
Any output from the device is monitored with cat /dev/ttyX on another terminal window.
I now have a certificate file encoded with ANSI. The documentation tells me to input it to the module using only LF line breaks and to terminate the input with Ctrl+Z, which I believe is hex 0x1A. The document also specifies that the certificate file may not end with an EOF character. I have used a hex editor to verify that the file is formatted as it should be.
I've tried to use both echo and printf to send the certificate chars / string to the module.
I have tried to include the 0x1A character in both the file and send it separately after the certificate chars like so:
printf '\x1a' > /dev/ttyX
or alternatively
echo -n -e '\x1a' > /dev/ttyX
The module seems to acknowledge the 0x1A as it stops the >-prompt for certificate and gives me the most verbose reply ever: ERROR
Generally, I'm sending the certificate file contents as follows:
echo -e "$(cat certfile)" > /dev/ttyX
or
printf '%b' "$(cat certfile)" > /dev/ttyX
Please assume that I have access to basic Linux shell tools (such as echo, printf, nano, stty and so on) with no option to trivially install new ones. I use SSH to access the target device and pscp to transfer the file to the target device. I also have a Windows rig on the side.
Any suggestions what else I should take into consideration? Maybe an stty option that I've missed? Does cat do something nasty in the input phase? A revealing trick to investigate the actual character data about to be send to the module? Some weird kink with serial comms I've missed?
If I
printf '%b' "$(cat cert)" > ./testoutput
and
od -x testoutput
the file looks alright in hex (I reordered the output from od -x manually, it seems to make pairs of the hex digits and switch them around). For example the end is:
2d 2d 2d 2d 2d 45 4e 44 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 0a 1a 00
There must be something in stty or the receiving end that's causing trouble. Right?
For example the end is:
2d 2d 2d 2d 2d 45 4e 44 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 0a 00 1a
Wait a sec. What's that 00 doing there, right before the 1a?
That doesn't belong. Try removing it.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I have a log file in a custom binary format sitting on a remote machine. I want to sync it with a file on my local machine, so when new bytes are appended to the remote binary file, the file on my local machine will be updated as well.
I learned about how to use tail over ssh here: https://serverfault.com/questions/608723/tail-a-file-from-ssh-and-mirror-to-a-local-file
Then I learned about how to use tail on binary files here: Binary "tail" a file
I tried combining them into
ssh -t remotebox "tail -c +1 -f /path/to/file.bin" > ./mirror.bin
But then I realized that mirror.bin is corrupted. Looking at the hex dump, I see that all 0d0a bytes are truncated into 0as (\r\n got replaced by just \n). However, if I run tail locally (tail -c +1 -f file1.bin > file2.bin), this truncation does not happen.
I also tried to use tee instead of redirection; the problem persists.
Are there shell tricks I can do with tail to prevent this from happening, or are there other programs that suites my needs?
Thanks.
P.S. Both remote and local machines are Linux, running bash.
The following reproduces the problem:
$ echo -e '123\r\n234\r\n' > /tmp/1
$ scp /tmp/1 server:/tmp/1
$ ssh -t server cat /tmp/1 > /tmp/2
Shared connection to closed.
$ diff /tmp/1 /tmp/2
1,3c1,3
< 123
< 234
<
---
> 123
> 234
>
It's possible that ssh -t changes \r\n to \n because it might do stty +igncr on the line. Mine ssh -t does the opposite (I think stty +inlcr) and I have the character doubled:
$ ssh -t server cat /tmp/1 | hexdump -C
Shared connection to closed.
00000000 31 32 33 0d 0d 0a 32 33 34 0d 0d 0a 0d 0a |123...234.....|
0000000e
$ ssh server cat /tmp/1 | hexdump -C
00000000 31 32 33 0d 0a 32 33 34 0d 0a 0a |123..234...|
0000000b
Anyway. remove the -t option if you do not have the intention to use terminal features.
And your command line suggest that you are copying a file. I have no idea why do you use tail for that - tail it's for outputting last part of file, not for printing the whole file... To print the whole file use cat. To copy a file, use scp.
I am developing software for a commercial product that runs on a Moxa MPC-2070 panel computer (Intel Atom based) under Debian 10 (Buster) with BlueZ (5.50) bluetooth support. The application has been developed using Qt Creator. I have been struggling to find a robust and reliable method to scan for Bluetooth Low Energy devices.
Because of an extreme performance problem associated with the QBluetoothDiscoveryAgent::start() method in Qt (which I won't go into here), I am using the bluetoothctl command to perform BLE device scanning. A wrapper around bluetoothctl provides it with input commands and parses the output from bluetoothctl. Sporadically (once every 1 - 150 times) that I launch bluetoothctl to perform the BLE scan, the bluetooth daemon process (bluetoothd) crashes with a SIGSEGV.
Here is the tail of syslog after the bluetoothd crash:
[315398.536280] show_signal_msg: 8 callbacks suppressed
[315398.536293] bluetoothd[523]: segfault at a8ec8148fd ip 00007f681ba3e143 sp 00007ffc8110a858 error 4 in libdbus-1.so.3.19.11[7f681ba2f000+2e000]
[315398.536343] Code: 85 ed 74 13 0a 18 88 18 48 83 c4 08 5b 5d c3 0f 1f 84 00 00 00 00 00 f7 d3 22 18 88 18 48 83 c4 08 5b 5d c3 0f 1f 00 48 8b 07 <0f> b6 40 02 85 f0 0f
95 c0 0f b6 c0 c3 55 48 89 fd 53 89 f3 48 83
I have restarted bluetoothd with the -d flag to enable debug output via:
$ sudo bluetoothd -d &
And again ran the bluetoothctl scans in a loop until bluetoothd again crashed. The full syslog showing the bluetoothd crash can be found here: Complete syslog with bluetoothd SIGSEGV
In the above syslog, the initial bluetoothd (without -d) crash can be found at Jan 14 09:58:55.
The restart of bluetoothd with the -d flag is at Jan 14 10:03:16.
The looping use of bluetoothctl begins at Jan 14 10:06:03.
bluetoothd again SIGSEGVs at Jan 14 10:05:13.
Sometimes the bluetoothd crashes happen after only 1 or 2 bluetoothctl commands, and other times it takes many iterations before the crash occurs.
This shell script will reproduce the bluetoothd crash. It loops performing essentially the same function as my C bluetoothctl wrapper program, but without the bluetoothctl output processing. Note that this script must be run as root or by a user id which is a member of the 'bluetooth' group.
#! /bin/bash
COUNT=0
RESULT=0
while [ "${RESULT}" != "9" ]
do
COUNT=`expr ${COUNT} + 1`
echo "Loop #${COUNT}"
# uveTagScanner -s FEA0 ${#} # The compiled bluetoothctl wrapper program with output processing
# RESULT="$?"
( echo "menu scan" # Enter the bluetoothctl scan sub-menu
echo "clear" # Clear all filter parameters
echo "transport le" # Filter scanning for low-energy devices only
echo "duplicate-data off" # Disable reporting of duplicate-data
echo "back" # Exit the bluetoothctl scan sub-menu & return to main menu
echo "scan on" # Start scanning for LE devices
sleep 10 # Let scanning proceed for 10 seconds
echo "scan off" # Stop scanning for LE devices
echo "quit" # Quit the bluetoothctl command
) | bluetoothctl
done
Within my C wrapper program (uveTagScanner) which fork()/exec()s bluetoothctl and performs the output processing, I am able to detect if bluetoothd has crashed and then restart it. But this is only a band-aid solution, as it still leaves me with instances where the scanning for BLE devices does not provide the needed information.
I'm running out of ideas on how to reliably perform BLE device scanning! I could try using the BlueZ libraries and Dbus interface APIs instead of bluetoothctl, but I fear that the same bluetoothd crash would occur.
I understand similar questions to this been asked in SO multiple times. However, I couldn't find any usual suspects here.
#!/bin/bash
myvar="test"
if [ "$myvar" == "test" ]
then
echo "Test mode"
fi
Spent quite some time on it. Can anyone advice what am I missing?
I am able to execute the script, but couldn't source the same.
error while source bash: test.sh: line 7: syntax error: unexpected end of file
$ which bash
/bin/bash
$ bash --version
3.2.57(1)
I am able to get the same working on my another Mac. So, it's pretty much something wrong on my Mac, but couldn't figure out what it is. Also, not only the above-mentioned script, any script with "if" condition I couldn't source. Tried different examples mentioned here, same syntax error.
edit1:
$ file test.sh
test.sh: Bourne-Again shell script text executable, ASCII text
edit2:
$ hexdump -C test.sh
00000000 23 21 2f 62 69 6e 2f 62 61 73 68 0a 6d 79 76 61 |#!/bin/bash.myva|
00000010 72 3d 22 74 65 73 74 22 0a 69 66 20 5b 20 22 24 |r="test".if [ "$|
00000020 6d 79 76 61 72 22 20 3d 3d 20 22 74 65 73 74 22 |myvar" == "test"|
00000030 20 5d 0a 74 68 65 6e 0a 65 63 68 6f 20 22 54 65 | ].then.echo "Te|
00000040 73 74 20 6d 6f 64 65 22 0a 66 69 0a |st mode".fi.|
0000004c
Check for newline character differences or encoding pages.
if it something as simple as this and there is a mac involved, always check that first
As other users already stated, you can check if newline is LF because CRLF will fail in linux. if you convert the script it should be fixed. you can install a tool which can convert CRLF into LF:
dos2unix test.sh
Regarding the sourcing, not sure if this may help you with your issue. assuming the wrapper script which sources test.sh is not called from bash...
#!/bin/sh
. ./test.sh
...the if statement will fail, because bourne shell does not support '==' but if you change it to...
#!/bin/bash
myvar="test"
if [ "$myvar" = "test" ]
...the script will sourced without errors. Please note it depends on how the script is sourced, the shebang might be ignored
Okay. After 10 months, my wife helped me debug this problem.
I had an alias in .bash_profile alias fi='firebase init'
Alias name fi makes bash to confuse with if statement.
Okay finally, found the issue.
I removed my .bashrc file and its working fine. Looks like something in .bashrc was messing it.
$ source test.sh
Test mode
Thanks, everyone appreciate it.
I am trying to set up an encrypted volume to store files securely. This is done on a NextThingCo pocketchip, but the OS is based on debian so I guessed I would give it a try here first, as my question is more related to dmcrypt than the platform itself (or so I think).
The recipe that I built so far is the following (may be incorrect or overly complicated):
Create a file
Set it up as a loop device.
Do the crypsetup for formatting and open. "abc" is the password, fed through stdin (is this assumption correct?).
Make a filesystem
Mount
So it looks like this:
sudo dd if=/dev/urandom of=./encrypted.volume bs=512K count=200
sudo losetup /dev/loop0 ./encrypted.volume
echo "abc" | sudo cryptsetup luksFormat /dev/loop0
echo "abc" | sudo cryptsetup open /dev/loop0 vault
sudo mkfs /dev/mapper/vault
sudo mount /dev/mapper/vault /mnt/vault
Now, all this seems to work fine and dandy, that is until I used the --debug parameter (I wanted to try other parameters as well e.g. key-size). And I realized the following messages:
# cryptsetup 1.7.0 processing "cryptsetup -v --debug --cipher aes-xts-plain64 --key-size
512 --hash sha512 --iter-time 5000 --timeout 10 --use-random luksFormat /dev/loop0"
# Running command luksFormat.
...
# Userspace crypto wrapper cannot use aes-xts-plain64 (-95).
...
device-mapper: remove ioctl on temporary-cryptsetup-6661 failed: Device or resource busy <------ appears when I change the --key-size to 512 i.s.o. default 256
...
device-mapper: remove ioctl on temporary-cryptsetup-6698 failed: Device or resource busy
I tried running the benchmark too:
chip#chip:~/data/run$ sudo cryptsetup --debug benchmark
[sudo] password for chip:
# cryptsetup 1.7.0 processing "cryptsetup --debug benchmark"
# Running command benchmark.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Tests are approximate using memory only (no storage IO).
# Crypto backend (gcrypt 1.6.4) initialized in cryptsetup library version 1.7.0.
# Detected kernel Linux 4.4.13-ntc-mlc armv7l.
# KDF pbkdf2, hash sha1: 59041 iterations per second (256-bits key).
PBKDF2-sha1 59041 iterations per second for 256-bit key
# KDF pbkdf2, hash sha256: 79437 iterations per second (256-bits key).
PBKDF2-sha256 79437 iterations per second for 256-bit key
# KDF pbkdf2, hash sha512: 40705 iterations per second (256-bits key).
PBKDF2-sha512 40705 iterations per second for 256-bit key
# KDF pbkdf2, hash ripemd160: 50412 iterations per second (256-bits key).
PBKDF2-ripemd160 50412 iterations per second for 256-bit key
# KDF pbkdf2, hash whirlpool: 7481 iterations per second (256-bits key).
PBKDF2-whirlpool 7481 iterations per second for 256-bit key
# Cannot initialise cipher aes, mode cbc.
Required kernel crypto interface not available.
Command failed with code 95: Operation not supported
Here is some additional info about the platform and OS:
chip#chip:~/data/run$ uname -r
4.4.13-ntc-mlc
chip#chip:~/data/run$ cat /boot/config-4.4.13-ntc-mlc | grep CRYPTO_USER_API_SKCIPHER
# CONFIG_CRYPTO_USER_API_SKCIPHER is not set
I understand that I would need to recompile the kernel after I set CONFIG_CRYPTO_USER_API_SKCIPHER so the userspace crypto API becomes available. I don't think there is a way around that, is there?
I LuksDump the information about the storage file:
chip#chip:~/data/run$ sudo cryptsetup luksDump ./encrypted.volume
LUKS header information for ./encrypted.volume
Version: 1
Cipher name: aes <------- ???
Cipher mode: xts-plain64 <------- ???
Hash spec: sha256
Payload offset: 4096
MK bits: 256
MK digest: ee f8 8d ad 9b 67 d9 7d cb 20 fe a9 25 a3 8b a5 c2 65 56 dd
MK salt: 38 74 e8 9d 77 6a 93 b5 03 41 cb 3e ce 79 b4 00
55 f3 98 8f c5 a7 14 05 25 9c 4e 91 68 1a 53 37
MK iterations: 18500
UUID: 36912ea4-9adb-4d1f-b9f2-f6a09a258833
Key Slot 0: ENABLED
Iterations: 150587
Salt: e8 4f f3 c1 07 1a 2b 2d d2 d9 f4 55 0f b3 13 28
2a 69 06 aa a0 94 4a 05 5d 5f e9 28 9b 91 39 94
Key material offset: 8
AF stripes: 4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
However, I have a few questions about the current situation:
Is the partition actually encrypted? If so, with which scheme?
How to check this on the command line? Trying to dump information about the partition tells me that "there is a LUKS header", but that does not tell me whether the data is encrypted or not.
How to solve the ''resource busy'' situation, which would let me use a key size of 512?
Thank you for reading all the way here. Any pointers will be greatly appreciated.
I am trying to find a call function in a binary file, so I tried this:
Compile my code (in C),
Use the command: mips-mti-linux-gnu-objdump -d myapp.elf> objdump.txt
My function in objdump.txt file: 9d003350: 42000828 myfunction 0x1
Now, I want to identify this function in myapp.bin when reading this from memory. But, I get this: 28080042.
I tried to use the command: xxd -ps myapp.bin> xxd.txt
Just can find: 28080042.
Is it possible to do that?
That's an endianness conflict. objdump and xxd are giving you the same bytes, they're just using different endianness.
Actual bytes in order:
28 08 00 42
Big endian value:
28 08 00 42
Little endian value:
42 00 08 28
xxd -p will print out the individual bytes in the file in the order in which they exist.
objdump is disassembling it, it knows that the bytes belong in groups of 4, and it's interpreting them as little-endian.
xxd can print in little-endian order, using the -e flag (with a default grouping of 4 bytes, use the -g flag to change the number of bytes per group). However, this is incompatible with the -p flag, because the -p flag ignores any grouping.
objdump can be made to print in big-endian order, using the -EB flag, however, this will affect what instructions it reports.