Creating chroot SFTP accounts

For $DAYJOB I had to create user accounts for customers and give them access to SFTP files to/from secured areas of our server. We wanted to use chroot functionality to ensure that no customer could see other customers' data, and prevent them from poking around potentially sensitive areas of the server. After a bit of trial-and-error, I've listed the lessons-learned here in a cook-book fashion so that in case I ever have to do it again, I have the steps documented.

This post was spurred to exist thanks to this Reddit post asking about creating an encrypted FTP server on OpenBSD so my reply there became the basis for this post.

Read more…

Sometimes you want to turn some text into "sarcastic Spongebob" text so this little fragment of awk will make that transformation for you:

#!/usr/bin/awk -f
BEGIN { srand() }
{
    n = split($0, a, //)
    for (i=1; i<=n; i++) {
        c=a[i]
        printf("%c", rand() < 0.5 ? toupper(c) : tolower(c))
    }
    print ""
}

Read more…

I wanted to do some full-justification of text. So a little awk later, I could set the desired width and pipe to justify it.

#!/usr/bin/awk -f
BEGIN {c = "COLUMNS" in ENVIRON ? ENVIRON["COLUMNS"] : 80}
{
    if (NF > 1) {
        s = $0
        wc = split(s, a)
        gsub(FS, "", s)
        totalfill = c - length(s)
        fill = totalfill / (wc - 1)
        intfill = int(fill)
        errdelta = fill - intfill
        err = 0.5
        printf("%s", a[1])
        for (i=2; i<=length(a); i++) {
            width = intfill
            err += errdelta
            if (err >= 1) {
                ++width
                err -= 1
            }
            printf("%*s%s", width, " ", a[i])
        }
        printf("\n")
    } else print
}

Read more…

Most Linux, BSD, MacOS machines come with /usr/share/dict/words so a little awk, grep, and other shell utilities can find some interesting words.

Read more…