Skip to content
EJR

Shell Functions

Here you'll find a few handy functions to use in ZSH and Bash Shell. Tested on Linux - likely work on Mac!

fixpermissions
# Set all files in a directory to 644 permissions and directories to 775
function fixpermissions() {
  find ./ -type d -print0 | xargs -0 chmod 0775
  find ./ -type f -print0 | xargs -0 chmod 0644
}
fixsshpermissions
# Set all files in the ~/.ssh to 644 permissions and directories to 775
function fixsshpermissions() {
  chmod -R 700 ~/.ssh/
  chmod 600 ~/.ssh/id_rsa
  chmod 600 ~/.ssh/config
  chmod 644 ~/.ssh/id_rsa.pub
  chmod 600 ~/.ssh/authorized_keys
}
myip
# Return public and local IP address
function myip() {
  publicip=$(curl -s https://ipecho.net/plain)
  localip=$(ip -o -4 addr show | awk -F '[ /]+' '/global/ {print $4}')
  echo -e "Public IP: " $publicip
  echo -e "Local IP: " $localip
}
psg
# Search processes containing a string or command (Usage: psg TERM)
psg() {
  if [[ $# -eq 0 ]] ; then
    echo -e "e[0;31mPlease provide a process name.e[0m"
  else
    ps aux | grep -v grep | grep -i -e VSZ -e "$@"
  fi
}
search
# Search current directory for files containing specified string (Usage: searchdir "Search Term")
search() {
  if [[ $# -eq 0 ]] ; then
    echo -e "e[0;31mPlease provide a string / search terme[0m"
  else
    grep -rni "$@" .
  fi
}
backup
# Backup a file by copying the file and prepending .bak to it (Usage: backup file.txt)
backup() {
  cp -- "$1"{,.bak};
}
certgen
# Generate self-signed CA, intermediate, and server certificates and keys
function certgen() {
  openssl req -x509 \
    -sha256 \
    -newkey rsa:4096 \
    -days 14600 \
    -nodes \
    -subj "/C=GB/ST=Localhost/L=Localhost/O=Localhost Certificate Authority/OU=Certificate Authority Certificate Issuer/CN=localhost" -out ca.crt -keyout ca.key

  openssl genrsa -out server.key 4096

  cat > csr.conf <<EOF
[ req ]
default_bits = 4096
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C = GB
ST = Localhost
L = Localhost
O = Localhost Server Certificate
OU = Localhost Server Certificate Issuer
CN = localhost

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = localhost
IP.1 = 127.0.0.1
EOF

  openssl req -new -key server.key -out server.csr -config csr.conf

  cat > cert.conf <<EOF
authorityKeyIdentifier = keyid, issuer
basicConstraints = CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names

[alt_names]
DNS.1 = localhost
IP.1 = 127.0.0.1
EOF

  openssl x509 -req \
      -in server.csr \
      -CA ca.crt -CAkey ca.key \
      -CAcreateserial -out server.crt \
      -days 14600 \
      -sha256 -extfile cert.conf

  rm -f ./cert.conf ./csr.conf

read -p "Do you want to add the CA certificate to your operating system trusted certificates? (y/N) " -n 1 -r

  if [[ $REPLY =~ ^[Yy]$ ]]
  then
    if [ -d "/etc/pki/ca-trust/source/anchors" ]; then
      sudo cp ca.crt /etc/pki/ca-trust/source/anchors/ca.crt
      update-ca-trust extract
    fi

    if [ -d "/usr/local/share/ca-certificates" ]; then
      sudo cp ca.crt /usr/local/share/ca-certificates/ca.crt
      update-ca-certificates
    fi

    if [ -d "/etc/ca-certificates/trust-source/anchors" ]; then
      sudo cp ca.crt /etc/ca-certificates/trust-source/anchors/ca.crt
      trust extract-compat
    fi

    if [ -d "/usr/share/pki/trust/anchors" ]; then
      sudo cp ca.crt /usr/share/pki/trust/anchors/ca.crt
      update-ca-certificates
    fi
  fi
}