How to use laspass-cli to view a password? - lastpass

Lastpass-cli is the command-line interface of the Lastpass password manager. It can be downloaded by typing
sudo apt install lastpass-cli
in the terminal of GNU/Linux, Cygwin and Mac OS X system.
It is invoked by typing 'lpass'.
I have logged in using my username, master password, 2FA key.
I am trying to access using lpass one of the passwords stored in my Lastpass vault.
I know both the username and rough structure of the URL.
I tried lpass show
But I am unable to decipher the man page to decide what should I type to get the password.

To show the password just run
lpass show YOUR_KEY
If you already know the key name, if not you can combine it using grep to find you secret password name.
Check this tutorial to learn how to use lpass cli
https://yallalabs.com/linux/how-to-install-lastpass-cli-linux.

Related

Allow certain apps to access the keychain using command line

I am trying to automate a cert installation on a bunch of different Mac boxes so that I can build on any of them using Jenkins. I've seen that you can do an import:
sudo security import certName -P password
And you can also allow applications to use the keychain at installation time:
sudo security import certName -P password -T /usr/bin/codesign
But is there a way to modify existing installations from the command line so I don't have to reimport all the certs that I have imported already? Or is it okay to just reimport everything by running the second command on all the boxes, and it will just update the existing cert installation?
Basically, the overall problem I'd like to solve is to prevent the prompts asking for passwords every time I run a build that say "codesign would like to access the keychain", etc. And then I have to enter the password and click "Always Allow" to prevent it again. But every time I update the cert, I have to go through this process again.
Has anyone ever automated this entire process before? Installing the cert and allowing apps to access the keychain without prompting for a password.
I'd also be happy with allowing any applications to access the keychain without a password. I'm not sure if a flag like that even exists, but it would be a big help if this was possible.
It seems that these three lines were what I needed (answer found here: security / codesign in Sierra: Keychain ignores access control settings and UI-prompts for permission):
security unlock-keychain -p password kaychainName.keychain
security set-keychain-settings keychainName.keychain
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k password keychainName.keychain

Installing Jenkins the first time and do not know the default user name

I tried using Jenkins or my admin username as user and password. For password, I tried to update using sudo passwd jenkins, so I am fine on that. However, I am skeptical about the user name. How do I confirm the username for Jenkins? Can someone pls help me?
During the initial run of Jenkins a security token is generated and printed in the console log. The username is admin
The token should look something like,
*************************************************************
Jenkins initial setup is required. A security token is required to proceed.
Please use the following security token to proceed to installation:
41d2b60b0e4cb5bf2025d33b21cb
*************************************************************
For me the initial admin password was in a log at ~/.jenkins/secrets/initialAdminPassword
after installing with homebrew.
source
If you pod is running in a Kubernetes cluster, just look at the running process … Your initial password will be shown…
e.g.
--argumentsRealm.passwd.admin=**3kJQtPDkhk** --argumentsRealm.roles.admin=admin
Username: admin
For password,
cat /Users/$(whoami)/.jenkins/secrets/initialAdminPassword
you will get similar to this token 2762710d8dab4c88a59fea0a2e559069

travis-ci encrypt command is asking for login --pro

I am trying to encrypt some signature details using travis cli:
travis encrypt SONATYPE_USERNAME=xxxx
I get an error saying :
not logged in, please run travis login --pro
Is it required to have a pro login to use encrypt? Can I not use org login and use this command?
To encrypt, Travis-CLI will require being logged in first. The --pro flag provided with the help string is a good default (travis.com (paid) users are more likely to use the CLI), but not strictly necessary and can be replaced with --org, which will use the travis.org (free) endpoint.
for https://travis-ci.org
travis login --org
travis encrypt <string> --org

Hi I'm trying to install ruby and stuck at the password prompt as I have not set up a password for my mac

WARNING: Improper use of the sudo command could lead to data loss
or the deletion of important system files. Please double-check your
typing when using sudo. Type "man sudo" for more information.
To proceed, enter your password, or type Ctrl-C to abort.
Password:
So the solution it seems to be simple, just set a password for your Mac OSX login as the documentation support says, there's no other way to do that without a password.

Execute a sudo command in Ruby on Rails app

I am trying to execute a command like this from a Ruby on Rails app:
sudo service squid3 restart
If i try it with this code:
output = ´sudo service squid3 retsart´
It don't work, in the console i see that linux asks the password.
How can i pass a password with this command? Or other suggestions...
You can add the following line to your sudoers file (/etc/sudoers)
rails_user ALL=(root) NOPASSWD:/usr/sbin/service
This will basically let the rails_user user execute the service command as sudo, and the system won't ask you for a password.
rails_user should be replaced with whatever user that you are running your rails process under. And you should also make sure that
Defaults requiretty
is not present in your /etc/sudoers. If not you won't be able use sudo from a script.
You can try the sudo -S flag if available on you system (check man):
echo secretPasswd | sudo -S service squid3 restart
This means that the password will be in clear so you can add the user which needs to perform the task to the sudoers (which creates another security issue by the way).
Does your sudo have a -A switch?
-A
Normally, if sudo requires a password, it will read it from the current terminal. If the -A (askpass) option is specified, a helper program is executed to read the user's password and output the password to the standard output. If the SUDO_ASKPASS environment variable is set, it specifies the path to the helper program. Otherwise, the value specified by the askpass option in sudoers(5) is used.
I wouldn't recommend having the password available in any way to your web server processes though so you'd want to use the sudoers file.
You can use the expect method to catch the password prompt and send the password. However, it might be a better idea to allow your Rails user access to the service command without a password using the NOPASSWD option in /etc/sudoers.

Resources