-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[fix] fix copy not encrypt password bug
- Loading branch information
1 parent
222c540
commit fa7234f
Showing
14 changed files
with
175 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,27 +1,87 @@ | ||
# Alfred-sshutil | ||
# Alfred-SSH-Util | ||
|
||
1. 唤出搜索框,输入ssh | ||
[中文文档](./README_CN.md) | README in English | ||
|
||
![image-20230512092929388](https://tc.mustache.top/picGo/202305120929435.png) | ||
--- | ||
|
||
2. 回车 | ||
|
||
![image-20230512093149832](https://tc.mustache.top/picGo/202305120931853.png) | ||
|
||
通过mysql配置服务器的账号密码等信息,python脚本获取数据库信息,通过shell脚本使用expect连接服务器. | ||
An alfred workflow for one-click connections to servers | ||
|
||
## 环境要求 | ||
![view](./assets/view.mp4) | ||
|
||
![image-20231121170634065](./assets/image-20231121170634065.png) | ||
|
||
Execute python scripts to read the server configuration information in the mysql database by triggering actions, and connect to the server with one click through the expect shell | ||
|
||
## Function | ||
|
||
- One-click connection to the server | ||
|
||
- Copy the ip address of the server to the clipboard | ||
- Copy the server password to the clipboard | ||
|
||
* The database password supports AES encryption and can be decrypted locally by setting AES key alfred environment variable to ensure data security from the client to the MYSQL server | ||
|
||
## Environment | ||
|
||
* Python3 | ||
|
||
```shell | ||
pip3 install pymysql | ||
# for connect mysql | ||
pip3 install pycryptodome | ||
# for AES encrypt and decrypt | ||
``` | ||
|
||
环境变量配置 | ||
## How to use | ||
|
||
Download the latest version of the installation package from realeases, drag it to alfred's workflow, and set the environment variables | ||
|
||
![image-20231121182433445](./assets/image-20231121182433445.png) | ||
|
||
![image-20231121182852543](./assets/image-20231121182852543.png) | ||
|
||
The configuration items are as follows: | ||
|
||
1. AES encryption key | ||
2. Name of the MYSQL database | ||
3. Address of the database server | ||
4. Password for connecting to the database | ||
5. Database port | ||
6. Username for connecting to the database | ||
|
||
|
||
|
||
The common.sql under this warehouse can be imported into the database you created, and the server information can be filled in according to the fields | ||
|
||
Type ssh to get the list of servers by calling up the alfred input box | ||
|
||
Select the corresponding server press enter to connect to the server | ||
|
||
Select the corresponding server command and press Enter to copy the server ip address to the clipboard | ||
|
||
Select the corresponding server option + Press Enter to copy the server password to the clipboard | ||
|
||
### Encryption needs | ||
|
||
If encryption is not enabled, the encrypt field in the database defaults to 0 | ||
|
||
If encryption is enabled, encry keyword trigger is also set in this workflow. All passwords in the database are encrypted according to the AES environment variable configuration configured by alfred as the encryption key | ||
|
||
**Encryption method** | ||
|
||
The ECB mode of AES is used for encryption, because AES requires the number of bytes of plaintext and key to be a multiple of 16, so the data needs to be filled. Because there are various algorithms for filling, it is recommended to directly use workflow to encrypt the data in the database. Alternatively, manually encrypt the store via encryptUtil.py under the repository. | ||
|
||
This workflow uses the pkcs7 filling algorithm to fill plaintext or keys that do not meet the 16 multiples | ||
|
||
--- | ||
|
||
|
||
|
||
**If you encounter any problem, start alfred debug mode to troubleshoot it yourself. If you can't solve it, take a screenshot and issue privacy code** | ||
|
||
![image-20231121190259545](./assets/image-20231121190259545.png) | ||
|
||
<img src="https://tc.mustache.top/picGo/202305120912772.png" alt="image-20230512091231754" style="zoom: 25%;" /> | ||
|
||
<img src="https://tc.mustache.top/picGo/202305120913255.png" alt="image-20230512091353233" style="zoom:25%;" /> | ||
|
||
在自己的数据库中执行建表脚本。 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
# Alfred-SSH-Util | ||
|
||
中文文档 | [README in English](./README.md) | ||
|
||
--- | ||
|
||
|
||
|
||
一个用于一键连接服务器的alfred workflow | ||
|
||
![view](./assets/view.mp4) | ||
|
||
![image-20231121170634065](./assets/image-20231121170634065.png) | ||
|
||
通过触发动作执行 python 脚本读取 mysql 数据库中的服务器配置信息,通过 expect shell 一键连接服务器 | ||
|
||
## 功能 | ||
|
||
- 一键连接服务器 | ||
|
||
- 复制服务器 ip 到剪切板 | ||
- 复制服务器密码到剪切板 | ||
|
||
* 数据库密码支持 AES 加密,本地通过设置 AES 密钥alfred环境变量解密,保证用户端到 MYSQL 服务器数据安全 | ||
|
||
## 环境要求 | ||
|
||
* Python3 | ||
|
||
```shell | ||
pip3 install pymysql | ||
# 用于连接 mysql | ||
pip3 install pycryptodome | ||
# 用于 AES 加解密 | ||
``` | ||
|
||
## 使用教程 | ||
|
||
从 realeases里下载最新版本安装包拖动到 alfred 的 workflow,设置环境变量 | ||
|
||
![image-20231121182433445](./assets/image-20231121182433445.png) | ||
|
||
![image-20231121182852543](./assets/image-20231121182852543.png) | ||
|
||
配置项按顺序分别为: | ||
|
||
1. AES 加密密钥 | ||
2. MYSQL数据库名称 | ||
3. 数据库服务器地址 | ||
4. 数据库连接密码 | ||
5. 数据库端口 | ||
6. 数据库连接用户名 | ||
|
||
--- | ||
|
||
|
||
|
||
将本仓库下的 common.sql通过导入你创建的数据库,按字段填写服务器信息即可 | ||
|
||
通过唤出 alfred 输入框,输入 ssh 获取服务器列表信息 | ||
|
||
选择对应的服务器回车即可连接服务器 | ||
|
||
选择对应的服务器command + 回车复制服务器 ip 到剪切板 | ||
|
||
选择对应的服务器option + 回车,复制服务器密码到剪切板 | ||
|
||
### 加密需知 | ||
|
||
如果不启用加密,数据库中 encrypt 字段默认 0 即可 | ||
|
||
如果启用加密,本 workflow 也设置了 encry 关键词触发一键将数据库所有密码按照alfred 配置的 AES环境变量配置作为加密密钥进行加密 | ||
|
||
**加密方式** | ||
|
||
使用 AES 的ECB模式进行加密,因为 AES 需要让明文和密钥的字节数为 16 的倍数,所以需要对数据进行填充,由于填充有多种算法,建议直接使用 workflow 的方式对数据库中数据加密,或者通过仓库下的encryptUtil.py手动加密存储。 | ||
|
||
该 workflow 通过 pkcs7 填充算法对不满足 16 倍数的明文或者密钥进行填充 | ||
|
||
--- | ||
|
||
|
||
|
||
**遇到任何问题,先开启 alfred debug 模式自己排查,解决不了,截图,隐私打码发 issue** | ||
|
||
![image-20231121190259545](./assets/image-20231121190259545.png) | ||
|
||
|
||
|
Binary file not shown.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,11 @@ | ||
## 复制密码时进行解密 | ||
import sys | ||
import os | ||
from encryptUtil import decrypt_aes | ||
|
||
password = sys.argv[1] | ||
password = decrypt_aes(password, os.environ['AES']) | ||
if password.startswith('*&*'): | ||
password = password[3:] | ||
password = decrypt_aes(password, os.environ['AES']) | ||
|
||
sys.stdout.write(password) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
# 用于对数据库所有密码进行加密 | ||
import pymysql | ||
import os | ||
from Crypto.Cipher import AES | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
# AES加密工具 | ||
from Crypto.Cipher import AES | ||
from Crypto.Util.Padding import pad, unpad | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
# 用于生成 expect 脚本 | ||
import sys | ||
import json | ||
import os | ||
|