03-15-2010
Scripting help/advise on hiding/masking username/password
Hi,
I currently have a UNIX script with a function that uses a username and password to connect to the database, retrieve some information and then exit.
At the moment, am getting the username and password from a hidden plain text file and permission set to -r--------, i.e. read only to who own the file.
The owner of the file is the same owner of the script. At the moment, am not too overly concern as the script works as it is but I want to know if anyone have a suggestion if there is any better way of achieving the same thing with some "form" of security, i.e., for example, masking the username/password.
Basically, I want to be able to mask or hide the username or password in some way. I've thought about encryting the password file, which is in plain text, using simple crypt command from which I retrieve the username and password but I need to decrypt it as well which is sort of similar to how it will be as it is now once it is decrypted.
Is there anyway that I can get a username and password in some gibberish format and then translating them into something usable which can be passed on the next command that requires the username/password.
Any advise or suggestion will be very much appreciated. Some kind of starting point to test with I supposed ...
Thanks in advance.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I'm calling a program with a command line arguement containing a password. while the process is running anyone on the system can ps -ef and see the password. Is there a way to prevent this from happening.
example
PROGRAM USERNAME/PASSWD
I've also tried
PROGRAM `cat passfile`
... (7 Replies)
Discussion started by: sudojo
7 Replies
2. UNIX for Dummies Questions & Answers
Hello,
I am trying to figure out away to hide a command from users when performing a ps check. I have a ksh that purges a table in a database. If I perform a >ps -eaf |grep ksh, I get the login id and password. I do not want other users seeing this. Is there a way to hide this. The login... (5 Replies)
Discussion started by: ctcuser
5 Replies
3. Shell Programming and Scripting
Hi,
I have a simple script to ftp from unix to a mainframe to get and put files. Currently I have the password setup in a VARS file and dereference the var in my script. Doing it this way allws me to change the password in only one place but it is still viewable for many people. Is there any... (6 Replies)
Discussion started by: Cass3
6 Replies
4. UNIX for Dummies Questions & Answers
Hello. A bit of a puzzle here:
I have a 3rd party executable, which requires the following parameters:
parm1 = program_name, parm2=userid/password, parm3=additional flags.
We tried passing password as a variable, but you can do grep, and see what the password actually is
I found a bit... (2 Replies)
Discussion started by: Kishinevetz
2 Replies
5. UNIX for Dummies Questions & Answers
Hello all ,
I looked up this site for solutions to hide login info from ps -ef | grep like using a seperate file and store the password in that especially for oracle sqlplus scripts.
I just got this thought , But dont know how to implement this in UNIX.
Is there a way to revoke access from... (17 Replies)
Discussion started by: simonsimon
17 Replies
6. Shell Programming and Scripting
Not sure on the description, but here is a quick rundown.
I have 2 servers, we'll call them
serverA
serverB
On serverB, I am calling a script that inside it has the following:
ssh srvdsadm@serverB sudo -u dsadm /opt/apps/DataStage/scripts/autoDeploy.sh ${projName} ${subProjVar}... (1 Reply)
Discussion started by: cbo0485
1 Replies
7. Programming
So I've been working on this for some time now and can't seem to find the solution that works for me. I'm working in C/Unix. Basically, I want to take a user input and output something different. For example, I want to take a password and output *'s. In another instance, I want to take inputed... (35 Replies)
Discussion started by: bigdrock44
35 Replies
8. Shell Programming and Scripting
Is there a way to mask the password inside of a script to minimize the impact of a comprimised server? So
ssh -o "PasswordAuthentication no" -o "HostbasedAuthentication yes" -l testuser 192.168.3.1 "mysqldump --opt --all-databases -u root -pPassword| gzip" > $backup_dir/mysqldump.gz
a... (2 Replies)
Discussion started by: metallica1973
2 Replies
9. Shell Programming and Scripting
I am trying to build and expect script to log into multiple aix boxes and change password. I need for the script to terminate if it cannot log into a server because the username or password is wrong.
#!/usr/bin/expect
set timeout 1
set host
set user
set password
set uh "Unknown host"
set... (3 Replies)
Discussion started by: leemalloy
3 Replies
10. Shell Programming and Scripting
Hi guys,
I use STTY command to make the password invisible.
Now I need to write the password into another file pwd.txt, but in an invisible manner, something like ******. Another thing is to when I echo the content of pwd.txt I get the password I actually typed.
Thanks guys. Help me out. (5 Replies)
Discussion started by: mohanalakshmi
5 Replies
printpw(8) System Manager's Manual printpw(8)
NAME
printpw - Outputs the contents of the password database
SYNOPSIS
printpw [-acdgsu]
FLAGS
Outputs all information. Use of this flag is the same as specifying all flags with -cdgsu. Outputs username and the comment string. Out-
put username and the login directory. Outputs username and the group ID numerical value. Output username and the login shell. Output
username and the UID numerical value.
DESCRIPTION
The printpw command outputs the contents of the /etc/passwd database file in ASCII format to the standard output. When printpw is called
with no option, all usernames in the database are output.
The /etc/passwd database file is accessed through the standard library function getpwent. On secure systems that have changed this library
function or on systems with Network Information Service (NIS) service installed, printpw produces the same information.
When printpw is called in combination with any flag, one or more additional columns separated with : (colon) is output.
EXAMPLES
To output the username, UID, and login directory of all users in the password database file, enter: /usr/sbin/acct/printpw -ud
FILES
Specifies the command path The password database file.
RELATED INFORMATION
Commands: acct(8) delim off
printpw(8)