The UNIX and Linux Forums  
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.

Go Back   The UNIX and Linux Forums > Top Forums > Shell Programming and Scripting
Reload this Page String hash/obfuscation in ksh
.
google unix.com

Forums Register Forum RulesLinksAlbums FAQ Members List Calendar Search Today's Posts Mark Forums Read



Thread: String hash/obfuscation in ksh
View Single Post in the UNIX and Linux Forums - Click on the Thread or Permalink to View Entire Thread -->
  #1 (permalink)  
Old 04-28-2008
StHalcyon StHalcyon is offline
Registered User
  
 

Join Date: Apr 2008
Posts: 1
String hash/obfuscation in ksh
I have a vendor that needs to install a set of scripts (written in korn) that will be run as root through crontab every day. This set of scripts will need to ssh as root to other servers without getting challenged for user name or password. So I have set up ssh key pairing and authorized_keys file.

But here's the thing. Users who log in to a server as themselves can su to root, then ssh directly to other servers as root. This breaks accountability. So, I decided to yank out the "IdentityFile" line in root user's ssh config, which will force users who are in root to now use the -i parameter when using ssh or scp commands. This obviously needs to be modified in the vendor's scripts as well.

However, I would hate to have the script contain a variable called "ssh_ID" so that the scripts can run something like this: /usr/bin/ssh -i ${ssh_ID} [remote_commands]

I want to see if there are simple string obfuscation scripts for korn shell that I can incorporate into the vendor scripts, so that ssh_ID is assigned the hashed string (instead of "/root/.ssh/id_dsa"). Apparently there are several samples out there for perl, but none for Korn shell. I'm sure I can try something myself, but I'm not exactly mathematically gifted. In fact, I don't even know how to offset a character without using ksh97!

Help?