base64加密常用命令
日常线上运维操作时一些敏感命令涉及到删除本地文件,或者mysql创建用户明文密码等问题则需要用到base64进行加密处理。
连接mysql客户端添加新用户用户(变量前添加5个随机字符)
将以下建新用户授权sql进行base64加密:
create user 'abc'@'127.0.0.1' identified by 'a123456789';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE ROUTINE, ALTER ROUTINE ON *.* TO 'abc'@'127.0.0.1' with grant option;
flush privileges;
加密后对应base64为
Y3JlYXRlIHVzZXIgJ3Jvb3QnQCcxMjcuMC4wLjEnIGlkZW50aWZpZWQgYnkgJ2ExMjM0NTY3ODknOwpHUkFOVCBTRUxFQ1QsIElOU0VSVCwgVVBEQVRFLCBERUxFVEUsIENSRUFURSwgRFJPUCwgUkVMT0FELCBTSFVURE9XTiwgUFJPQ0VTUywgRklMRSwgUkVGRVJFTkNFUywgSU5ERVgsIEFMVEVSLCBTVVBFUiwgQ1JFQVRFIFRFTVBPUkFSWSBUQUJMRVMsIExPQ0sgVEFCTEVTLCBFWEVDVVRFLCBSRVBMSUNBVElPTiBTTEFWRSwgUkVQTElDQVRJT04gQ0xJRU5ULCBDUkVBVEUgUk9VVElORSwgQUxURVIgUk9VVElORSBPTiAqLiogVE8gJ3Jvb3QnQCcxMjcuMC4wLjEnIHdpdGggZ3JhbnQgb3B0aW9uOwpmbHVzaCBwcml2aWxlZ2VzOw==
添加base64加解密的alias别名,执行别名ld_sql "base64字符串"
alias ld_sql='fun(){ mysql -uroot -S /data/mysqldata3306/sock/mysql.sock -p -C -e "`base64 -d <<< ${1:5}`" ; }; fun'
alias ld_sql='fun(){ mysql --login-path=test -C -e "`base64 -d <<< ${1:5}`" ; }; fun'
ld_sql "hYmFzY3JlYXRlIHVzZXIgJ3Jvb3QnQCcxMjcuMC4wLjEnIGlkZW50aWZpZWQgYnkgJ2ExMjM0NTY3ODknOwpHUkFOVCBTRUxFQ1QsIElOU0VSVCwgVVBEQVRFLCBERUxFVEUsIENSRUFURSwgRFJPUCwgUkVMT0FELCBTSFVURE9XTiwgUFJPQ0VTUywgRklMRSwgUkVGRVJFTkNFUywgSU5ERVgsIEFMVEVSLCBTVVBFUiwgQ1JFQVRFIFRFTVBPUkFSWSBUQUJMRVMsIExPQ0sgVEFCTEVTLCBFWEVDVVRFLCBSRVBMSUNBVElPTiBTTEFWRSwgUkVQTElDQVRJT04gQ0xJRU5ULCBDUkVBVEUgUk9VVElORSwgQUxURVIgUk9VVElORSBPTiAqLiogVE8gJ3Jvb3QnQCcxMjcuMC4wLjEnIHdpdGggZ3JhbnQgb3B0aW9uOwpmbHVzaCBwcml2aWxlZ2VzOw=="
删除cm0gLXJmCg== 解密后等价于 rm -rf
alias file.x='fun(){ $(`base64 -d <<< cm0gLXJmCg==` $@); }; fun'
file.x filename
其他包含明文密码的操作命令以此同理使用。