Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: which encryption method?
Top Forums Shell Programming and Scripting which encryption method? Post 25561 by kjd on Wednesday 31st of July 2002 09:07:36 PM
Old 07-31-2002
Comparison or storage for later use?
If you're storing for comparison (authentication) purposes (e.g. user enters a password, you save it, then later ask for the password again for verification), then you can store an MD5 hash of the password rather than encrypting and storing the password itself. See Digest::MD5 or Digest::Perl::MD5. Use the second if you are unable to compile C code; it is slower, but should not be noticably slow for something small like passwords.

Using this method, you would take input from the user, and hash it with MD5. The output is a unique string that cannot be reversed to re-obtain the original data. This is useful for password comparison because you can hash the input from the user, then compare the stored value and new value to assure they are the same. The password never has to be stored.

If you're storing for later retrieval and usage then you need a form of encryption that you can reverse with a key. You would use this for encrypting files/data, such as a list of passwords that you want to store for use later. Try Rijndael, Blowfish, Twofish. Of course you need to obtain the key somehow, probably by prompting the user at run-time.
Last edited by kjd; 07-31-2002 at 10:33 PM..
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Backup method

Hi I'm trying to work out the best method for creating a backup under SCO OpenServer. I would like to perform unattended backups to tape of various file systems, possibly using a script etc. So far I've looked at the Backup Manager that comes with SCO and that cannot perform unattended... (2 Replies)
Discussion started by: synamics
2 Replies

2. UNIX for Dummies Questions & Answers

File encryption/Key encryption ????

My dilemma, I need to send, deemed confidential, information via e-mail (SMTP). This information is sitting as a file on AIX. Typically I can send this data as a e-mail attachment via what we term a "mail filter" using telnet. I now would like to somehow encrypt the data and send it to a e-mail... (1 Reply)
Discussion started by: hugow
1 Replies

3. UNIX for Dummies Questions & Answers

Optimized Method

Hi All, I have got two files. File A with 50000 records and File B with some 500 million records. I need to extract the mapping data (common data) from both the files. There should be definitely many ways :) though I have a way which is definitely not optimzed and takes a longer time... (2 Replies)
Discussion started by: matrixmadhan
2 Replies

4. Programming

Regarding Native method

Hi, I am working with solaris 9 and I am using jre1.6. In my application,I am using java and C++ in my application.Basically we are using the java for front end and C/C++ for back hand.So I have to call the C/C++ source code form java code.we are using native methods for it.. So application... (1 Reply)
Discussion started by: smartgupta
1 Replies

5. UNIX for Dummies Questions & Answers

Shadow file encryption method

Hi all, I'd like to use the encryption method used to generate the /etc/shadow passwords. The goal is to write a script that get a plain-text password as argument and returns an encrycped one. Can you help me, please? (10 Replies)
Discussion started by: nisant
10 Replies

6. Shell Programming and Scripting

Help in replace method

Hi Gurus, VARIABLE=john_*_has_*_s i want to replace the * with digits 09100 and 0010101 to print the john_09100_has_0010101_s Thanks (3 Replies)
Discussion started by: SeenuGuddu
3 Replies

7. Solaris

svc:/network/physical:default: Method "/lib/svc/method/net-physical" failed with exit status 96. [ n

After a memory upgrade all network interfaces are misconfigued. How do i resolve this issue. Below are some out puts.thanks. ifconfig: plumb: SIOCLIFADDIF: eg000g0:2: no such interface # ifconfig eg1000g0:2 plumb ifconfig: plumb: SIOCLIFADDIF: eg1000g0:2: no such interface # ifconfig... (2 Replies)
Discussion started by: andersonedouard
2 Replies

8. Shell Programming and Scripting

Another method for this snippet

Hi All, i believe this is not very efficient. another method would be appreciated for these. basically i read a file with tab delimited column and pass the column to another perl script. while read line do timestamp=`echo "$line"|awk -F"\t" '{print $1}'` severity=`echo... (15 Replies)
Discussion started by: ryandegreat25
15 Replies

9. Cybersecurity

File encryption tools with MAC address as an encryption key

Hi all, I'm looking for secure file encryption tools that use MAC address as encryption key. FYI, I'm using Red Hat Enterprise Linux OS. For example: when A wants to send file to B A will encrypt the file with B's computer MAC/IP address as an encryption key This file can only be decrypted... (2 Replies)
Discussion started by: sergionicosta
2 Replies

LEARN ABOUT DEBIAN

userdbpw

USERDBPW(8)						      Double Precision, Inc.						       USERDBPW(8)

NAME

       userdbpw - create an encrypted password

SYNOPSIS

       userdbpw [[-md5] | [-hmac-md5] | [-hmac-sha1]] |userdb {name} set {field}

DESCRIPTION

       userdbpw enables secure entry of encrypted passwords into /etc/courier/userdb.

       userdbpw reads a single line of text on standard input, encrypts it, and prints the encrypted result to standard output.

       If standard input is attached to a terminal device, userdbpw explicitly issues a "Password: " prompt on standard error, and turns off echo
       while the password is entered.

       The -md5 option is available on systems that use MD5-hashed passwords (such as systems that use the current version of the PAM library for
       authenticating, with MD5 passwords enabled). This option creates an MD5 password hash, instead of using the traditional crypt() function.

       -hmac-md5 and -hmac-sha1 options are available only if the userdb library is installed by an application that uses a challenge/response
       authentication mechanism.  -hmac-md5 creates an intermediate HMAC context using the MD5 hash function.  -hmac-sha1 uses the SHA1 hash
       function instead. Whether either HMAC function is actually available depends on the actual application that installs the userdb library.

       Note that even though the result of HMAC hashing looks like an encrypted password, it's really not. HMAC-based challenge/response
       authentication mechanisms require the cleartext password to be available as cleartext. Computing an intermediate HMAC context does scramble
       the cleartext password, however if its compromised, it WILL be possible for an attacker to succesfully authenticate. Therefore,
       applications that use challenge/response authentication will store intermediate HMAC contexts in the "pw" fields in the userdb database,
       which will be compiled into the userdbshadow.dat database, which has group and world permissions turned off. The userdb library also
       requires that the cleartext userdb source for the userdb.dat and userdbshadow.dat databases is also stored with the group and world
       permissions turned off.

       userdbpw is usually used together in a pipe with userdb, which reads from standard input. For example:

	   userdbpw -md5 | userdb users/john set systempw

       or:

	   userdbpw -hmac-md5 | userdb users/john set hmac-md5pw

       These commands set the systempw field in the record for the user john in /etc/courier/userdb/users file, and the hmac-md5pw field. Don't
       forget to run makeuserdb for the change to take effect.

       The following command does the same thing:

	   userdb users/john set systempw=SECRETPASSWORD

       However, this command passes the secret password as an argument to the userdb command, which can be viewed by anyone who happens to run
       ps(1) at the same time. Using userdbpw allows the secret password to be specified in a way that cannot be easily viewed by ps(1).

SEE ALSO

       userdb(8)[1], makeuserdb(8)[2]

NOTES

	1. userdb(8)
	   userdb.html

	2. makeuserdb(8)
	   makeuserdb.html

Double Precision, Inc.						    08/23/2008							       USERDBPW(8)
All times are GMT -4. The time now is 04:26 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy