Programs by Anthony Thyssen
- Anthony's Castle is his home
- About Anthony Thyssen
- Scribe Anthony some Mail
I have made these programs publicly available, and you are free to copy,
modify and or re-distribute them. Please do not remove my name from
any of them. If you make modifications, or have suggestions please mail them
back to me so that others may share them.
- encrypt: My File Encrypt/Decrypt Program (Perl Script)
- Perl program to encrypt/decrypt pipelined file streams using the perl
cryptography module Crypt::CBC to do the task with the derived key and IV
parameters, much like the "aespipe" C program.
However this version uses the PBKDF v2 password to derive the encryption
key from user passphrase. This is a lot safer than simply using the
OpenSSL "enc" option to do a 'Salted' file encryption, which does only
a single iteration to derive the encryption key from the user provided
password. By using PBKDFv2 to iterated the encryption key derivation, you
effectively slow down brute force dictionary attacks to speeds making it
less practical, without sacrificing the normal usage of the pass-phrase to
encryption key hashing.
I use this program for almost all my encryption needs, and have even set
up my VIM text editor to call this program when I attempt to edit an
encrypted file. This makes it especially useful for personal password
files (web passwords), as well as editing "key_files" (see the "ks" script
See the script comments for the encrypted file format.
- pbkdf2: Perl Equivalent to PBKDF2 algorithm (Perl Script)
- A direct perl implementation of the algorithm, implements the Password
Based Key Derivation Function version 2 (PBKDF v2) as per RFC 2898 or PKCS
#5. Can be used either as a loadable module, or directly as a perl
program. Of course it is slightly slower than the equivalent C program.
The perl "Crypt::PBKDF2" version, more commonly available, has a HUGE
number of dependencies that is simply not required! It is basically
a dependency hell.
I verified that it does indeed generate the same results as the OpenSSL
This is built into the "encrypt" script above, and the "ks" script below.
- pbkdf2: Access OpenSSL Library PBKDF2 sub-routine (C Program)
- A trival program to allow command line access to the OpenSSL library
function PKCS5_PBKDF2_HMAC_SHA1(). This is the function that implements
the Password Based Key Derivation Function version 2 (PBKDF v2) as per RFC
2898 or PKCS #5.
It was used by older versions of the "encrypt" script, but is no longer
required, as my scripts now use the perl equivalent.
It would be better if the "openssl" program made the PBKDF2 subroutine
accessible from the command line.
- askpass_stars_v1: read a password while echoing stars (Shell Script)
- The oldest version of the ask password while echoing stars. Published
here as a FYI. I do not expect it to be used.
- askpass_stars: latest version (Shell Script)
- A shell script to try and read a password while outputting stars so that
the user can see that what they are typing is being relieved.
See my notes in "Password
Input, in the section "DIY Shell Script Password Reading".
NOTE: Since I released (and improved) the 'stars' script I learned that
the new "systemd" software of the latest linux systems provide the same
functionality. The program is "systemd-ask-password" and provides an
excellent replacement. The "ks" program (see next) has been updated to
use this script if available.
Update: The script also now handles password caching in the Linux Kernel
Keyring. My "encrypt" file encryption script (see above) has now also been
updated to use password cacheing (special option) when editing encrypted
files, so I do not need to remember and type the password when saving
the encrypted file again. Something that has causes a number of mishaps
and loss of the file.
- encrypted_function: store and run a encrypted shell function (Shell Script)
- A way of storing a small shell script (function) that you do not want to
be visible to anyone reading the script. Useful for storing secret password
generators. For example convert a URL into a password for a web site.
Any small shell script can be stored, and used as needed, and options are
provided to let you store, view, change, or change the password of the
Recommend you set a TTY_ASKPASS environment variable pointing to the
"askpass_stars" script above, or some other password system, though the
script can also read the password from the user (EG: without echo).
Filesystems Mounting and Data Store Encryption
- ks: An Encryption Keystore (Perl Script)
- KS is a key management system that can handle the binary encryption keys
needed for ANY encryption scheme. Though it is currently specifically
aimed at EncFS data stores, it can be set up (and has been setup) to
handle any type of encrypted data store, that uses command line controls.
It is a simple perl script and can be easily expanded to provide special
options for the management of other types of encrypted data stores, and
methods, other than EnsFS, or data stored in the key file itself.
The 'key files' are encrypted using a user supplied password, (using "encrypt", see above) and contain the actual randomly
generated binary master key for encrypted file system, as well as the
commands, and configuration data needed for the decryption. As the
configuration file is also stored, even the 'public' details of the
encryption the real data is secured. I don't believe in giving a cracker
any public help if I can.
The 'key files' are stored in filenames that look like encfs files and so
can be interleaved into a real directory of a fake encfs filesystem to
further protect the fact of there existence.
The 'key store' (directory where 'key files' are stored) can be physically
separated from the actual encrypted data (on USB sticks, or network
mounts), making it more secure (two factor).
Also fake 'key files' (name/password pairs) can be added, to the 'key
store'. These fake keys can be made to decrypt other data, probably from
the same location (interleaved data), or even be made to destroy the access
to the real data, to further confuse would be attackers. It means you can
give up a password to fake, or less important data, without comprising the
real data, creating plausible deniability and prevent rubber hose attacks.
Basically a key file could decrypt something else, or run any command!
The 'key files' could instead of holding a master key and configuration
data, can be used to hold some other text data. For example passwords for
various websites, or your mother's secret sauce recipes.
One example is for the 'key file' data to be a complex executable shell
script or even a binary program, that can do other things that you want to
keep secret. For example a shell script that holds the password and
procedure to access to a ultra secure web site. You then never need to
see, remember the details yourself!
- mount_encrypted: User mount of DM-crypt filesystems (Shell)
- With the system "/etc/fstab" setup correctly, you do not need to need to
become root to mount a dm_crypt filesystem. This script lets you mount
a dm-crypt or luk-crypt encrypted block file systems, with appropriate
with password handling for either TTY and X-Windows, as well as good error
handling and reporting of any problem encountered.
I previously used this script extensively from command line, shell
scripts, and GUI application launchers, menus, and filesystem mount
programs, to mount encrypted filesystems given a user password, without
needing root or sudo access.
However its use has since been superseded by encfs and the "ks" script
above. EncFS allows me to directly back up and/or file synchronize the
encrypted data between machines without requiring decryption, unlike
a disk encrypt method like this.
Files and Paths
- locate_script: Where is this script located (Shell Script)
- Small Script you can add to the beginning of your shell programs to
determine the location of the script. This lets you find things like
configuration files relative to the scripts location, or read the script
itself for things like self-documenting manuals (something I do a lot).
It has worked for me for more than 30 years! And I have used it on
Sun3, Sun4, Ultrix, Solaris, Linux, MacOSX, with bourne shells, dash,
bash, ksh, and zsh. It should work for any Unix-like environment.
Technically locating a running script has no solution, as it could be a
piped into a shell, but in practice it does work. See the BASHFAQ (28)
- cmdout: Label Command Output (Shell Script)
- A wrapper around a command which marks the commands output as being from
standard output or standard error. Also reports the actual command given
and the final exit status of the command.
A useful information gathering about the program being run. Especially
when you plan to later use that command in a shell script, or for
Note getting the exit status of a command while also piping its output is
generally difficult in older shells. This script was originally
a demonstration on how this can be achieved.
- home_backup: Home Directory Backup (Tar file of Scripts)
- A push backup scheme that creates snapshot "rsync" backup of your home
directory into a "current" sub-directory directory, on directory or remote
account directory given. After a backup (update) is complete, a number of
rolling 'cycles' of hardlinked snapshots are created, generating per month,
week, day and even hourly snapshots.
A simple "recover" script can be used to list, and restore specific files
and directories, from any of the backup 'cycles'.
For more information see Rsync Backups, and Snapshoting
- linkdups: Hardlink duplicate files (Perl Script)
- Quite a complex perl script that very quickly finds large files that
are exact copies of each other. It then hardlinks them together to save
Files are only size tested initially, with full comparison
be performed when a possible match has been found, making this
re-hardlinking program very fast. Its complexity is its algorithm for
attempting to merge two separate hardlink groups of the same file. Only
when all the files of two hardlink groups finally merged together as
a single hardlinked group, is disk space saved, so it goes to great effort
to find all such files.
The primary purpose of this program is to attempt to re-link files that
were moved or renamed in "rsync" backups. This program can thus make
incredible disk space savings by restoring the hardlinking between
duplicate files. This commonly happens if a directory is renamed,
causing the hardlinks in a later rsync backups to not be made, even
though the file itself is untouched (just the directory path).
- unlinkdups: Break All Hardlinks (Shell Script)
- Recursively look at the given files and the given directories and break
any hardlink that is found. Basically the reverse of the previous
"linkdups" script, in that it will un-merge duplicate files again, while
preserving any dates and permissions.
This was needed to remove the hardlinks from files that should not have
been hardlinked together. Specifically files in my working home directory
that are temporary backups or revisions, configuration files, or SVN
copies. This allows the 'separated' files to be able to be edited
independently from each other, without a 'vi' or 'cp' modifying ALL the
backup copies (revisions).
- mv_renum: Rename numbered files (Perl Script)
- A simple perl script which will find the largest number in the given
filenames, and prepend zeros to the number found in the filenames
so they list in the correct numerical order. An option will let you
specify the number of digits to make all the numbers instead.
If this script is renamed to be "
mv_reseq", it can then be
used to re-sequence all the numbers, so as to remove any gaps, or spread
out the numbers so as to add gaps to the sequence. This can be useful to
insert and re-arrange the numbered order of the files.
I use both forms of the script quite regularly when dealing with numbered
- mv_perl: Perform complex file renaming (Perl Script)
- Rename files based on either a given perl substitution expression, OR
using one of the many pre-prepared expressions, based on the scripts
If the script is linked/copied to the filename "
ln_perl", then it will copy or symbolically link files to
the new filename rather than move or rename them.
Built in perl expressions have been included to rename files to: all
lowercase, all uppercase, capitalise words, remove punctuation, replace
spaces with underscores, and visa-versa, and many more common file
These can accessed by linking the script to appropriate "mv_*" names (see
internal documentation). For example if the script is linked/copied to
the command name "
mv_lcase", than that command will rename
the given filenames to lowercase.
This script was originally based on a common perl renaming script, the core
of which was originally created by Larry Wall, the creator of perl. Many
variants exist including "mmv" on many linux machines, and under Debian
- mv_suffix: Rename files with the wrong suffix (Perl Script)
- A simple perl script to use "file" to check the type of a file, and fix
the files suffix if it is not correct. Especially fixes uppercase
suffixes from Window PCs, as well as set JPEG images to '.jpg' suffix.
I find it amazing how often downloaded files have the wrong suffix.
- merge: Rename or Copy files safely (Shell Script)
- A replacement for the 'mv' and 'cp' command to use in the previous scripts
which adds numbers to the filenames to prevent files overwriting and
destroying other files of the same name.
- perms: Ensure file permissions are correct (Perl Script)
- Read a configuration file and set permissions of the files in my home
directory according to that file. What permissions should be set is
controlled by a special "perm_list" data file. If the permissions of
a file is correct no changes are made (preserving timestamps).
- Percent: Generate a Percentage Bar (Shell Script)
- Generate a ASCII percentage bar, that can be printed to a terminal
or included in plain test emails.
- File_Progress: Watch a process reading a file (Shell Script)
- Watch and report the progress of any process that is reading a file.
Looks up the process and its read offset using "lsof".
- Homespace: report home disk or quota left (Shell Script)
- Look up disk or quota space, used and free, of the users home, and
report it in a nice way using either the previous 'percentage' script,
or using a 'zenity' percentage bar.
- Timeout: kill long running commands (Shell Script)
- A complex script that runs the given command, but will kill it, if the
command has not completed in the time specified.
This is useful to prevent network commands taking too long waiting for
slow remote servers when the information is not that important. For
example when getting a hostname from a network IP, or disk quota when
the file system is on a remote NFS server that is down.
The script is completely 'Bourne Shell' based, and uses some very complex
scripting tricks to allow it to, exit immediately the command does,
without any 'sleep interval' pauses, or leaving behind a long running
sleep command. For more details of its development see my notes in "Shell Script Hints, and the
section "Command Timeout".
Linux machine often have a C version, also called 'timeout', but that is
not always available on non-linux machines, and that is where this program
fills the gap.
- Countdown: A test command for timeout scripts (Shell Script)
- This is just a simple script outputting a countdown reminiscent of a
NASA rocket launch. It is used as a test command for testing timeout
programs and scripts to see how well they work.
See my notes in "Shell Script Hints, and the section "Command Timeout".
- graphics (Shell Script)
- graphics2 (Shell Script)
- graphics_colors (Shell Script)
- graphics_utf (Shell Script)
- Various scripts I wrote a long time ago (1990's before X windows became
common) to check on the ANSI graphics capabilities of my current terminal.
The exact results vary greatly depending on the terminal program
(especially for colors and attributes) and on the font you are using. It
seems that many of the special ANSI graphic character modes are no longer
functional with the more modern UTF fonts, but then they have other
methods of use the vast UTF characters now available.
Text File Filters
- randomize: Randomize lines in pipeline (Perl Script)
- A simple perl script that can be used as a filter. It basically
will randomize the order of all the input lines. Essentially the
opposite of the "
- randomline: Extract one random line (Perl Script)
- A perl script similar to the previous one, but only outputs a single
randomly picked line from the input list. Sort of a 'pick any one' type
This was designed so it does not need to read in the whole input list into
memory, instead only holding the 'current' selection from the list that it
has already read. That is it has a very small memory footprint. Of course
it will not output the final single random selection until it has finished
reading all the input lines, as there is a possibility the last line will
be the final selection.
- shell_select.pl: select system call for shell (Perl Script)
- A small simple perl script to allow access to the UNIX select() system
from a shell script which is handling multiple data pipelines. This is
typically required in a complex shell co-process programming technique.
Also see shell_select_example.sh,
which is a demonstration program using "shell_select.pl" to handle both normal result output, and error
output form a "
For more information see my own notes on running
"Co-Processes in Shell Scripts, and the section on
"Multiple Output Streams".
- shell_expect: simple static co-processing script (Shell Script)
- A generic but simple co-processing scripting method feeding static
requests after waiting for specific prompts from the process being feed
Based on a similar script by Steve Parker,
"Simple Expect Replacement". See my own notes on running
"Co-Processes in Shell Scripts, in the section on
"Timed Data Pipelines".
- xlogout: Simple button on screen
- Try to generate a simple logout button on the screen (lower-right
corner) using any program that can be co-opted into doing this.
When button is pressed or killed, the script exits.
To be used as the last command in a xsession or xinitrc script.
I have a similar version in my actual xsession script which on press
pops up a menu of options: Poweroff, Reboot, Restart, Logout, Cancel.
But the "Restart" option requires integration with the rest of the
session script to allow it to kill off and restart all startup
- xwin_find: Wait for a window and print its WindowID
- Wait for a specified x-window client window to appear, (or timeout), and
return that windows WindowID. This ID can then be used to modify the
application window such as resize, move, iconize it. The script is
basically a simple looped wrapper around the standard "xwininfo" command.
Currently it could use a re-write at this point in time to make better
use of newer x window control tools.
- jiggle_window: Window shake or bounce (Shell Script)
- Jiggle (move around) a window in some specific way so as to highlight the
window or some condition to the user. Window is returned to it starting
location when the action is complete.
By default it will cause the window specified to 'bounce' like a ball to
highlight its existence. Other actions include 'shake' left and right,
which is commonly used to indicate some error condition (bad password). Or
do cirlces or jump back and forth.
There is both a
xwit version and a xdotool version available. The
scripts are identical, just using different window control tools.
- capture_ocr: grab and convert on screen text to clipboard
- Look for and convert on screen text to actual text in both a clipboard
and a pop up window, using OCR (Optical Character Recognition).
This program should be linked to some 'key event', such as 'Meta-Print'
so you can make a image selection (to find text in) at any time.
For methods of doing this see X Window Event Handling.
- edit_textbuf: Edit a Web text buffer in VI (Shell Script)
- Grab the text from current text buffer input field, pop up your preferred
editor with that text. When Editor ends, paste the text back into the
original text buffer.
This program should be linked to some 'key event', such as typically
provided by a window manager. For example can it when user presses
a 'Meta-E' key. See X Window
- Type a string or STDIN, as if you typed it yourself from the keyboard.
This lets you setup special keys so you and type fixed strings (like an
email address) or general selections (like text grabbed from a terminal
window) into ANY input box, whether it be a web browser input form, or
a Game input window, regardless of if it accepts a normal 'paste' or not.
The application sees it come from the keyboard, not as a 'paste'.
See X Window Event
- xmonitor: layout X window monitors in common ways (via xrandr)
- Read what monitors are available and lay them out in common
configurations. Script can be used in Session Startup scripts, or from
window manager menus. It is basically a simplification warapper for the
more complex "xrandr" command.
List the monitors simply:
Clone display to all monitors:
Swap to next active monitor:
Enable secondary monitor only:
Left to right order:
Left to right order (skip first):
xmonitor -skip right
WARNING: If a monitor is not working, this could leave you without any
working display. Caution is recommended on "swap" and "second" actions.
- logrotate_one: logrotate using one sub-conf file (Bash script)
- Run the logrotate against a single sub-configuration file, while
also defining the global settings from /etc/logrotate.conf
- ping_monitor: monitor machine network status. (Perl_Tk script)
- Display a table of hosts and indicate if the hosts are currently
pingable. used to set up a monitor of what machines in a lab are up and
currently in use. Machines automatically power off when not in use.
- Gif trans (.c) and
Man Page (.man) and
Text Manual (.txt)
- This is a patched version of the "giftrans" program. That fixes some
reported GIF file setting numbers (bad rolls) and comment handling of the
more modern "rgb.txt" files. It should be compiled with a RGBTXT define
giving the location of the "rgb.txt" file, though it is not strictly
necessary for its correct working.
I use this program in some of my icon library scripts to gather
information about GIF files, such as the exact colormap, disposal, and
delay settings from GIF animations.
Also see ImageMagick
Examples, Helper Scripts, and especially the "gif2anim" script. This
script originally used this program for information gathering to create
a ImageMagick command that can re-build the animation from its de-composed
frames. However no it uses ImageMagick itself to gather this data.
- XbmBrowser v5.1b.tar.gz. (X Windows C program)
- This is an interactive X bitmap and pixmap browser. -- Old and Dated
WWW Programs (Client)
- www_ctrl: Web Browser Remote Control. (Shell Script)
- Read the currently selected string, and direct the Firefox web browser
When configured with hotkeys such as from a Window Manager, users can
simply highlight a link, word, or other text, and press some button to
find out more information. Makes the lookup of information from emails,
web pages, manuals, or terminal output very fast and efficient.
For example I have Ctrl-F12 set to go to the selected link, Ctrl-F11 for
Google search, and Shift-F11 for Wikipedia Lookup.
- Go to the selected link
- Google Search (page or image) on selected text
- Wikipedia looking on selected text
- MH Send Filter (Shell Script)
- This script pretends to be the MH send program and collect the out going
mail. Which is passed to a mail filter of your choice, before being
passed to the real MH mail system `send' command. This allows me to
append signatures, add mail faces or just edit outgoing mail in some
fashion (PGP encryption?).
The script is installed by modifying your personal
.mh_profile" to use this command for the mh send,
as well as the real mh send command to use, and the mail filter
this script is to call.
- Unix Sendmail Filter (Shell Script)
- This script complements the above MH send filter but replaced the normal
system sendmail command.
To use this filter you specify this program in your personal
.mailrc". Unfortunately the filter called by this script
must be specified inside the script itself. The same output mail
filter can however be used for both MH and BSD mail systems.
- Outgoing Mail Filter (Shell Script)
- This script is my personal outgoing mail filter, which the above scripts
call. This script actually adds signatures, mail face, and other mail
header modifications to my outgoing mail, automatically.
Created: 3 May 1995
Updated: 23 February 2017
Author: Anthony Thyssen,