04-13-2010
Quote:
Originally Posted by
dukevn
Hi Corona, I think you got it wrong. I did mention that I knew authorized keys already (and I have been using it quite a while), but in my opinion it is not automation as expect
In what manner is it worse do you think? It may not be easy to explain to your customers or superiors but it is fully automatic and secure. Your method is not and
cannot be made secure. The inventor of ssh knew people would try to butcher in stored plaintext passswords anyway and designed it to prevent that.
Quote:
Anyway, let us try not to diverge the main question of my post: how to fool ps or hide password in my script.
Not until you understand that the reason you have to use
expect at all is because you're brute-forcing an insecure solution ssh was expressly designed to not just prevent but make obsolete.
Last edited by Corona688; 04-13-2010 at 07:47 PM..
10 More Discussions You Might Find Interesting
1. Programming
I am doing a project in C program which requires to type in password in Unix terminal. Does anybody know how to shade or not output any words typed by user in the terminal?
I use the function scan() to read typing from user. Thanks in advance. (2 Replies)
Discussion started by: ivancheung
2 Replies
2. Shell Programming and Scripting
Hi falks,
I have the following ksh code:
echo "Enter VS Admin password:"
oldstty=`stty -g`
stty -echo intr '$-'
read password
stty $oldstty
echo
This code ask from a user to enter his password. The OS suppose to hide the entering of the... (2 Replies)
Discussion started by: nir_s
2 Replies
3. Shell Programming and Scripting
All,
In my script I am calling another script.. in that script I need to enter a password. Problem is that everyone is able to see the password when I enter that. Is there any way that when i enter that password it should not display or may look like *******.
Or if there any other way that I... (1 Reply)
Discussion started by: arpitk
1 Replies
4. Shell Programming and Scripting
Hi,
I am writing a UNIX .ksh script and need to send the login password of the login id that is executing the script to a command that I am executing in the script. I don't want that password to be seen by anyone except whoever is executing the script.
Does anyone know how I can accomplish... (6 Replies)
Discussion started by: samd
6 Replies
5. UNIX for Dummies Questions & Answers
hi all,
i run sqlplus command on unix(HP-UX)
like "sqlplus username/password@serverA @deneme.sql"
but when someone run "ps -ef | grep sqlplus", it can see my username and password :(
How can i hide username and password.
thanx. (1 Reply)
Discussion started by: temhem
1 Replies
6. Shell Programming and Scripting
Hi
I have following problem Im writing a script (in bash ) , where need to be written login & passwd for databas client .
Its need to in following form login passwd@dbhostname .
The problem is so anybody can read it so the passwd & login are visible and thats not very safety .
Can... (8 Replies)
Discussion started by: kvok
8 Replies
7. Shell Programming and Scripting
i have an expect script that runs like this:
/usr/bin/expect -f /home/skysmart/commandstoexecute.sh host2.net b$4aff Skysmart
when i run this command, and i do a ps -ef and egrep for expect, i see the exact line in the process table and it shows my password for the world to see.
how can i... (2 Replies)
Discussion started by: SkySmart
2 Replies
8. Shell Programming and Scripting
I want to give my long scripts to customer. The customer must not be able to read the scripts even if he has the password. The following command locks and unlocks the script but the set +x is simply ignored.
The code:
read -p 'Script: ' S && C=$S.crypt H='eval "$((dd if=$0 bs=1 skip=//|gpg... (7 Replies)
Discussion started by: frad
7 Replies
9. Shell Programming and Scripting
i have a shell script which calls a java program with username and password arguments.
#!/bin/ksh
#set some classpaths here
#finally run the command
java com.test -u $U -p $P
Now when i run it, the password shows up in the list of processes. I am not the admin on the server so cant... (3 Replies)
Discussion started by: ariesb2b
3 Replies
10. Shell Programming and Scripting
I am writing a shell script for sql loader (just copy part of the code) :
For security reason, I have to put the below loginName and password into another separate file instead of in the same file of this script.
Anyone can give me a hand. Thanks.
Shell Script :... (12 Replies)
Discussion started by: Jaewong
12 Replies
LEARN ABOUT OPENDARWIN
ssh-argv0
SSH-ARGV0(1) BSD General Commands Manual SSH-ARGV0(1)
NAME
ssh-argv0 -- replaces the old ssh command-name as hostname handling
SYNOPSIS
hostname | user@hostname [-l login_name] [command]
hostname | user@hostname [-afgknqstvxACNTX1246] [-b bind_address] [-c cipher_spec] [-e escape_char] [-i identity_file] [-l login_name]
[-m mac_spec] [-o option] [-p port] [-F configfile] [-L port:host:hostport] [-R port:host:hostport] [-D port] [command]
DESCRIPTION
ssh-argv0 replaces the old ssh command-name as hostname handling. If you link to this script with a hostname then executing the link is
equivalent to having executed ssh with that hostname as an argument. All other arguments are passed to ssh and will be processed normally.
OPTIONS
See ssh(1).
FILES
See ssh(1).
AUTHORS
OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
Theo de Raadt and Dug Song removed many bugs, re-added newer features and created OpenSSH. Markus Friedl contributed the support for SSH
protocol versions 1.5 and 2.0. Jonathan Amery wrote this ssh-argv0 script and the associated documentation.
SEE ALSO
ssh(1)
Debian Project September 7, 2001 Debian Project