Encrypt a hardcoded passwd | Unix Linux Forums | Solaris

  Go Back    


Solaris The Solaris Operating System, usually known simply as Solaris, is a Unix-based operating system introduced by Sun Microsystems. The Solaris OS is now owned by Oracle.

Encrypt a hardcoded passwd

Solaris


Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 03-10-2013
q8devilish q8devilish is offline
Registered User
 
Join Date: Jun 2009
Last Activity: 23 March 2014, 5:38 AM EDT
Location: Kuwait
Posts: 31
Thanks: 4
Thanked 0 Times in 0 Posts
Encrypt a hardcoded passwd

hey guys,
is there a way to encrypt a hard coded passwd inside a shell script basically this is my script and i was to encrypt or hide the ftp password.

Code:
#!/bin/sh
HOST='XXXXXXXXX'
USER='XXXXXXXXXX'
PASSWD='XXXXXXXXXXX'


cd /tmp/ftptest
grep -c "{0000000#END#\>" * > NO_OF_CARDS
ftp -n $HOST <<END_SCRIPT
quote USER $USER
quote PASS $PASSWD
prompt off
ascii
cd /tmp/ftptest
mput *
quit
END_SCRIPT
exit 0

And i canít let the password popup as this script was intended to be automation for a file transfer.
Sponsored Links
    #2  
Old 03-10-2013
bakunin bakunin is offline Forum Staff  
Bughunter Extraordinaire
 
Join Date: May 2005
Last Activity: 23 July 2014, 7:17 PM EDT
Location: In the leftmost byte of /dev/kmem
Posts: 4,116
Thanks: 42
Thanked 764 Times in 603 Posts
Even if you encrypt the password somehow you would have to provide a mechanism available to the script to decrypt it, so you gain nothing. It is a fact that "ftp" uses clear-text passwords and this intrinsic insecurity cannot be changed or alleviated in any way. As the password is sent clear-text over the net in the login process every interested party can sniff it from there too. There is no way to prevent this. (Btw., the same is true for "telnet" and the other classical means of connecting from one system to the other.)

The only way is to use a securified means of communication: ssh/scp to be precise. In this case the password gets transmitted in an encrypted form, so sniffing is ruled out. You can also set up a "chain of trust" between two user/host-combinations so that userA from hostA can connect as userB to hostB without using a password (so you don't have to state one in your script) but using an exchanged secret both involved parties know. The basic procedure is to connect once, identified by the password and then to store the other hosts secret to a config file so that further connections do not need a password any more.

We have several threads dealing with the setup of such a mechanism, so i suggest you do a forum search for "scp" and/or "ssh" installation.

I hope this helps.

bakunin
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
When did AIX start using /etc/security/passwd instead of /etc/passwd to store encrypted passwords? Anne Neville AIX 1 03-09-2012 08:05 PM
Issue with use of Configuration file instead of hardcoded values inside the script irudayaraj UNIX for Dummies Questions & Answers 3 07-29-2011 08:00 AM
passwd cmd reenables passwd aging in shadow entry BG_JrAdmin Solaris 3 01-04-2011 03:28 PM
how to enter hardcoded password automatically abhi_n123 UNIX for Dummies Questions & Answers 4 07-01-2010 10:47 AM
connection string is hardcoded prakash.gr Shell Programming and Scripting 3 06-29-2009 02:26 AM



All times are GMT -4. The time now is 12:13 AM.