/usr/bin/expect_cryptdir is in expect 5.45-7.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 | #!/bin/sh
# -*- tcl -*-
# The next line is executed by /bin/sh, but not tcl \
exec tclsh8.6 "$0" ${1+"$@"}
package require Expect
# Name: cryptdir
# Author: Don Libes, NIST
#
# Synopsis:
# cryptdir [dir]
# decryptdir [dir]
#
# Encrypt or decrypts the current directory or named directory if given.
if {![file exists /usr/bin/crypt]} {
puts "This example requires the mcrypt package."
exit
}
if {[llength $argv] > 0} {
cd $argv
}
# encrypt or decrypt?
set decrypt [regexp "decrypt" $argv0]
set timeout -1
stty -echo
send "Password:"
expect -re "(.*)\n"
send "\n"
set passwd $expect_out(1,string)
# Wouldn't want to encrypt/decrypt files with mistyped password!
send "Again:"
expect -re "(.*)\n"
send "\n"
if {![string match $passwd $expect_out(1,string)]} {
send_user "mistyped password?\n"
stty echo
exit
}
stty echo
log_user 0
foreach f [glob *] {
# strip shell metachars from filename to avoid problems
if {[regsub -all {[]['`~<>:-]} $f "" newf]} {
exec mv $f $newf
set f $newf
}
set strcmp [string compare .crypt [file extension $f]]
if {$decrypt} {
# skip files that don't end with ".crypt"
if {0!=$strcmp} continue
spawn sh -c "exec crypt < $f > [file root $f]"
} else {
# skip files that already end with ".crypt"
if {0==$strcmp} continue
spawn sh -c "exec crypt < $f > $f.crypt"
}
expect "key:"
send "$passwd\r"
expect
wait
exec rm -f $f
send_tty "."
}
send_tty "\n"
|