04-12-2010
I was going to suggest that second approach, as Corona688 stated - better avoid encrypt/decrypt process, but rather cut down the rights on that machine, in terms of root access, make the file exclusively locked, and keep the password in plain text. Then, whenever a password has to be read by the expect script, chmod the file, temporarily, the script will parse the password, and then lock the file again. Unfortunately, expect/TCL doesn't bring much into security, its first purpose was to be convenient for automation, both local and remote, thus avoiding user interactions. I have a few very handy expect scripts available, but only on test machines with limited access - both virtual and physical.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Could someone please help me...I have an expect script. There's a need for a log in during the script and a password is required...right now the password is just a variable in the expect script...what would be the best way to put that in an encrypted flat file and have the expect script pull the... (2 Replies)
Discussion started by: cubs0729
2 Replies
2. Shell Programming and Scripting
To perform a black box testing and get users' feedback, we are planning to deploy a script in a common location and ask users to execute the script. However we do not want them to have a look at the script until the testing is done. I know this is against the open source concept, but it will be for... (7 Replies)
Discussion started by: krishmaths
7 Replies
3. Shell Programming and Scripting
Hi,
I have written a shell script in unix for my customer. Now I want to make it only execute and not to read/write. Can anybody help me how to set password protect/encript my script.
Thanks
Suresh (3 Replies)
Discussion started by: suresh3566
3 Replies
4. Shell Programming and Scripting
Hi
I have following problem Im writing a script (in bash ) , where need to be written login & passwd for databas client .
Its need to in following form login passwd@dbhostname .
The problem is so anybody can read it so the passwd & login are visible and thats not very safety .
Can... (8 Replies)
Discussion started by: kvok
8 Replies
5. Shell Programming and Scripting
Hi,
I have run the below script which is connected to db2 v9.5. There is no issue. The only problem is how to encrypt the dbpwd?
#!/bin/ksh
#---- Set Environment
dbalias="dev1db"
dbuser="user1"
dbpwd="password"
#---- Connect to the Database
cd /opt/ibm/db2/V9.5/bin
db2 "connect to... (1 Reply)
Discussion started by: lookinginfo
1 Replies
6. Shell Programming and Scripting
Hi,
I have a SQL which i want to run through a shell script.
query_result=`/home/oracle/product/11.2.0/bin/sqlplus -S uname/pwd@DBNAME <<!
set heading off feedback off trimspool on
set pagesize 0
set linesize 9999
spool $PARAM_PATH/param_name.txt;
Select sysdate from dual;
spool off;... (6 Replies)
Discussion started by: chetan.c
6 Replies
7. Shell Programming and Scripting
Hi All,
I have stored Oracle database passwords in a hidden file - .pass_file.
My shell script reads the hidden file, gets the password and then logs in to the Oracle database and runs some SQL script.
My requirement is:
I need to provide the shell script to be executed by someone else. So,... (1 Reply)
Discussion started by: sunpraveen
1 Replies
8. Shell Programming and Scripting
Hi All,
very good morning all.
I am trying to connect to informatica repository by using shell script.
I have written pmrep connect command in the script file. But i need to provide repository, domain ,username and password to connect. Username and password are hard coded in the script... (8 Replies)
Discussion started by: SekhaReddy
8 Replies
9. Shell Programming and Scripting
Dear All,
I have a requirement where I have to SFTP or SCP a file in a batch script. Unfortunately, the destination server setup is such that it doesn't allow for shell command line login. So, I am not able to set up SSH keys. My source server is having issues with Expect. So, unable to use... (5 Replies)
Discussion started by: ss112233
5 Replies
10. Shell Programming and Scripting
Hello,
I have the following UNIX shell script which connects to the teradata database and executes the SQL Queries. For this, I am passing database name, username and password. I don't want to reveal my password to anyone. So, is there any way that I can encrypt my password and read the... (2 Replies)
Discussion started by: ronitreddy
2 Replies
LEARN ABOUT OPENSOLARIS
lckpwdf
lckpwdf(3C) Standard C Library Functions lckpwdf(3C)
NAME
lckpwdf, ulckpwdf - manipulate shadow password database lock file
SYNOPSIS
#include <shadow.h>
int lckpwdf(void);
int ulckpwdf(void);
DESCRIPTION
The lckpwdf() and ulckpwdf() functions enable modification access to the password databases through the lock file. A process first uses
lckpwdf() to lock the lock file, thereby gaining exclusive rights to modify the /etc/passwd or /etc/shadow password database. See
passwd(4) and shadow(4). Upon completing modifications, a process should release the lock on the lock file using ulckpwdf(). This mechanism
prevents simultaneous modification of the password databases. The lock file, /etc/.pwd.lock, is used to coordinate modification access to
the password databases /etc/passwd and /etc/shadow.
RETURN VALUES
If lckpwdf() is successful in locking the file within 15 seconds, it returns 0. If unsuccessful (for example, /etc/.pwd.lock is already
locked), it returns -1.
If ulckpwdf() is successful in unlocking the file /etc/.pwd.lock, it returns 0. If unsuccessful (for example, /etc/.pwd.lock is already
unlocked), it returns -1.
USAGE
These routines are for internal use only; compatibility is not guaranteed.
FILES
/etc/passwd password database
/etc/shadow shadow password database
/etc/.pwd.lock lock file
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|MT-Level |MT-Safe |
+-----------------------------+-----------------------------+
SEE ALSO
getpwnam(3C), getspnam(3C), passwd(4), shadow(4), attributes(5)
SunOS 5.11 29 Dec 1996 lckpwdf(3C)