Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Is my terminal input secure?
Special Forums Cybersecurity Is my terminal input secure? Post 302224880 by pnp on Thursday 14th of August 2008 06:27:30 AM
Old 08-14-2008
Is my terminal input secure?
My knowledge of Unix input/output/devices is very hazy so could someone please tell me if the following is secure?

I log on to an account on a shared Unix server (Linux 2.6.18-6-686) using ssh (PuTTY). I start a python program and then type into it (python raw_input command) the username/password of an account on a web site it should log on to using SSL. The python executable is one I downloaded and built myself. Is it possible for someone with root privilege to see the username/password I type into the python program?

Thanks very much in advance.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

How to suppress input keying from displaying on terminal.

I'm a Unix newbie. In a shell-script, is there any way to accept keyboard input (via STDIN) without having it display on the screen? I know keying in a login password sort of does this by replacing what you key with astericks (*) but I believe that's a "C" routine. I'd like to be able to... (2 Replies)
Discussion started by: liteyear18
2 Replies

2. UNIX for Advanced & Expert Users

connecting to unix through hyper terminal - as a dumb terminal

I just changed from windows NT to XP and I am no longer able to connect to my unix system. I used to use hyper terminal -- which acts as dumb terminal to my main frame unix system. I think one of the options used to be "direct to comX". This option isn't listed now. I use a serial port and the... (2 Replies)
Discussion started by: michelle
2 Replies

3. Solaris

Secure FTP Problem using Sun SSH on Client system F-Secure on Server system

I am using shell script to do secure ftp. I have done key file setup to do password less authentication. Following are the FTP Details: FTP Client has Sun SSH. FTP Server has F-Secure. I am using SCP Command to do secure copy files. When I am doing this, I am getting the foll error scp:... (2 Replies)
Discussion started by: ftpguy
2 Replies

4. Shell Programming and Scripting

Don't show keyboard input on terminal

I am developing a script that will run with '/bin/ksh' shell. The script is intended to receive a password by keyboard input, but for security reasons I would like to hide what the user is typing. The keyboard input is being caught by 'read' command. exmaple : echo "Please type your new... (1 Reply)
Discussion started by: marianor31
1 Replies

5. UNIX for Advanced & Expert Users

Pseudo-terminal will not be allocated because stdin is not a terminal.

I am trying to automate a SSH login using Keys using the following command ssh -i id_rsa usernamw@ipaddr. I am successful in doing this and i am getting the Warning Screen and I logon successfully. but when I am executing the command tail -1cf put.dat | ssh -i id_rsa username@ipaddr > get.dat ... (1 Reply)
Discussion started by: Shivdatta
1 Replies

6. UNIX for Dummies Questions & Answers

how to check the user input from terminal

Hello everybody!!! I am writing my own rm command in unix. I prompt the user to type if he wants to delete a file and then read what he typed. But how do i check what he typed? This is my program so far: echo 'Delete prog1.c (y/n)?' read yesOrNo if yesOrNo == 'y' then rm prog1.c... (6 Replies)
Discussion started by: mskart
6 Replies

7. Programming

Number of bytes in terminal input queue w/o blocking and consuming?

Hello, everyone. Could someone, please, tell me how to get the number of bytes in the terminal input queue without blocking and without consuming these bytes? I guess it could be called the peek functionality. I've looked at termio tcgetattr() and tcsetattr() functions but could not find... (4 Replies)
Discussion started by: Lucy.Garfeld
4 Replies

8. Shell Programming and Scripting

Cannot get terminal application to launch with a graphical launcher when successful in terminal

I have been having an extremely annoying problem. For the record, I am relatively new at this. I've only been working with unix-based OS's for roughly two years, mostly Xubuntu and some Kali. I am pretty familiar with the BASH language, as that's the default shell for debian. Now, I've made this... (16 Replies)
Discussion started by: Huitzilopochtli
16 Replies

9. Shell Programming and Scripting

Print Terminal Output Exactly how it Appears in the Terminal to a New Text File

Hello All, I have a text file containing output from a command that contains lots of escape/control characters that when viewed using vi or view, looks like jibberish. But when viewed using the cat command the output is formatted properly. Is there any way to take the output from the cat... (7 Replies)
Discussion started by: mrm5102
7 Replies

10. What is on Your Mind?

Should we use CODE Tags for terminal input and output?

I've always used code tags for code but not for showing terminal input and output. I noticed a mod edited one of my threads and now I'm confused as to proper protocol. Mike (5 Replies)
Discussion started by: Michael Stora
5 Replies

LEARN ABOUT HPUX

pam_unix

pam_unix(5)							File Formats Manual						       pam_unix(5)

NAME

       pam_unix - authentication, account, session, and password management PAM modules for UNIX

SYNOPSIS

DESCRIPTION

       The  UNIX  service  module for PAM, provides functionality for all four PAM modules: authentication, account management, session management
       and password management.

       The module is a shared object that can be dynamically loaded to provide the necessary functionality upon demand.

       For an interpretation of the module path, please refer to the related information in pam.conf(4).

   Unix Authentication Module
       The UNIX authentication component provides functions to verify the identity of a user, and to set user specific credentials

       compares the user entered password (or password retrieved from the user's smart card)  with  the  password  from  UNIX  password  database,
       including  the  protected  password database for trusted systems.  If the passwords match, the user is authenticated.  If the user also has
       secure RPC credentials and the secure RPC password is the same as the UNIX password, then the secure RPC credentials are also obtained.

       The following options may be passed to the UNIX service module:

       syslog(3C)	 debugging information at level.

       Turn off warning messages.

       It compares the password in the password database with the user's initial
			 password (entered when the user authenticated to the first authentication module in the stack).  If the passwords do  not
			 match,  or  if  no password has been entered, quit and do not prompt the user for a password.	This option should only be
			 used if the authentication service is designated as optional in the configuration file.

       It compares the password in the password database with the user's initial
			 password (entered when the user authenticated to the first authentication module in the stack).  If the passwords do  not
			 match, or if no password has been entered, prompt the user for a password.

       psd stands for personal security device, for the current implementation
			 there	is  only one security device: the smart card.  It compares the password in the password database with the password
			 stored on the user's smart card.  With this option the PAM Framework prompt "Enter PIN:" is used instead of the  password
			 prompt.  This option is only supported  with the authentication or password module types (auth, password) services in the
			 or in the configuration files.

       When prompting for the current password, the UNIX authentication module will use the prompt, "Password:" unless one of the  following  sce-
       narios occur:

	      1.     The option is specified and the password entered for the first module in the stack fails for the UNIX module.

	      2.     The  option  is not specified, and the earlier authentication modules listed in the file have prompted the user for the pass-
		     word.

	      3.     The option is specified.  In this case, the UNIX authentication module will use the prompt "Enter PIN:".

       In cases 1 and 2, the UNIX authentication module will use the prompt "System Password:".

       The function sets user specific credentials.  If the user had secure RPC credentials, but the secure RPC password was not the same  as  the
       UNIX password, then a warning message is printed.  If the user wants to get secure RPC credentials, then keylogin(1) needs to be run.

   Unix Account Management Module
       The  UNIX  account  management component provides a function to perform account management The function retrieves the user's password entry
       from the UNIX password database and verifies that the user's account and password have not expired.  For trusted systems, this module  also
       validates the allowed access time and access terminal based upon the security configuration.  The following options may be passed in to the
       UNIX service module:

       syslog(3C)	 debugging information at level.

       Turn off warning messages.

   Unix Session Management Module
       The UNIX session management component provides functions to initiate and terminate UNIX sessions.  For UNIX, updates the last successful or
       unsuccessful  login  time in the protected password database for trusted mode.  The account management module reads the information to dis-
       play the previous time the user logged in.

       The following options may be passed in to the UNIX service module:

       syslog(3C)	 debugging information at level.

       Turn off warning messages.

       is a NULL function.

   Unix Password Management Module
       The UNIX password management component provides a function to change passwords in the UNIX password database.  This module must	be  in	It
       can not be or The following options may be passed in to the UNIX service module:

       syslog(3C)	 debugging information at level.

       Turn off warning messages.

       It compares the password in the password database with the user's old
			 password  (entered to the first password module in the stack).  If the passwords do not match, or if no password has been
			 entered, quit and do not prompt the user for the old password.  It also attempts to use the new password (entered to  the
			 first	password  module  in  the  stack) as the new password for this module.	If the new password fails, quit and do not
			 prompt the user for a new password.

       It compares the password in the password database with the user's old
			 password (entered to the first password module in the stack).	If the passwords do not match, or if no password has  been
			 entered,  prompt  the user for the old password.  It also attempts to use the new password (entered to the first password
			 module in the stack) as the new password for this module.  If the new password fails, prompt the user for a new password.

       It prompts the user for the PIN (with the PIN, the PAM Framework can
			 retrieve a password from the smart card) and the old password is retrieved from the smart card.  It compares the password
			 in the password database with the user's old password.  If the passwords match, it prompts the user for a new password.

       If  the	user's	password  has expired, the UNIX account module saves this information in the authentication handle using The UNIX password
       module retrieves this information from the authentication handle using to determine whether or not to force the user to update their  pass-
       word.

APPLICATION USAGE

       On  trusted  systems, the interfaces implemented in the UNIX service module, are not thread-safe.  Otherwise, they are thread-safe.  A can-
       cellation point may occur while a thread is executing any of these interfaces.  They are not cancel-safe, async-cancel-safe, nor async-sig-
       nal-safe.

WARNINGS

       HP-UX 11i Version 3 is the last release to support trusted systems functionality.

SEE ALSO

       keylogin(1), pam(3), pam_authenticate(3), pam_setcred(3), syslog(3C), nsswitch.conf(4), pam.conf(4), pam_user.conf(4).

																       pam_unix(5)
All times are GMT -4. The time now is 06:08 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy