08-01-2012
Thanks Ashish/Corona688.
@cero:
Actually i want the best practice to secure the Password.
So i should be setting appropriate permissions on the command file right?
Thanks,
Chetan.C
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Could someone please help me...I have an expect script. There's a need for a log in during the script and a password is required...right now the password is just a variable in the expect script...what would be the best way to put that in an encrypted flat file and have the expect script pull the... (2 Replies)
Discussion started by: cubs0729
2 Replies
2. Shell Programming and Scripting
Hello,
I have a paramter file, In which I store all the user-ids and passwords for the project. So if a user just invokes the paramter file he has access to all the variables, which i have exported in the parmatere file.
Now if a user echo's the variable which stores the databse password.... (1 Reply)
Discussion started by: DSDexter
1 Replies
3. Shell Programming and Scripting
Hi,
I have written a shell script in unix for my customer. Now I want to make it only execute and not to read/write. Can anybody help me how to set password protect/encript my script.
Thanks
Suresh (3 Replies)
Discussion started by: suresh3566
3 Replies
4. UNIX for Advanced & Expert Users
Hello folks
I have a conf file ,say 'pass.conf' ,which is storing ascii password : PASS1111.
I need to encrypt this password once and store it in a file.
I ,then need to write a script which would read this encrypted password and decrypts it.The o/p o this script shud be this decrypted... (8 Replies)
Discussion started by: ak835
8 Replies
5. Shell Programming and Scripting
Hi
I have following problem Im writing a script (in bash ) , where need to be written login & passwd for databas client .
Its need to in following form login passwd@dbhostname .
The problem is so anybody can read it so the passwd & login are visible and thats not very safety .
Can... (8 Replies)
Discussion started by: kvok
8 Replies
6. Shell Programming and Scripting
Hi,
I have run the below script which is connected to db2 v9.5. There is no issue. The only problem is how to encrypt the dbpwd?
#!/bin/ksh
#---- Set Environment
dbalias="dev1db"
dbuser="user1"
dbpwd="password"
#---- Connect to the Database
cd /opt/ibm/db2/V9.5/bin
db2 "connect to... (1 Reply)
Discussion started by: lookinginfo
1 Replies
7. Shell Programming and Scripting
Hi,
I came across the following script for encrypting the password in this forum
#! /usr/bin/ksh
exec 4>/dev/tty
function getpass
{
typeset prompt=$1
typeset backspace=$(echo \\b\\c)
typeset enter=$(echo \\r\\c)
typeset savesetting=$(stty -g)
... (9 Replies)
Discussion started by: dbashyam
9 Replies
8. Shell Programming and Scripting
Hi All,
I have stored Oracle database passwords in a hidden file - .pass_file.
My shell script reads the hidden file, gets the password and then logs in to the Oracle database and runs some SQL script.
My requirement is:
I need to provide the shell script to be executed by someone else. So,... (1 Reply)
Discussion started by: sunpraveen
1 Replies
9. Shell Programming and Scripting
Hi All,
very good morning all.
I am trying to connect to informatica repository by using shell script.
I have written pmrep connect command in the script file. But i need to provide repository, domain ,username and password to connect. Username and password are hard coded in the script... (8 Replies)
Discussion started by: SekhaReddy
8 Replies
10. Shell Programming and Scripting
Hello,
I have the following UNIX shell script which connects to the teradata database and executes the SQL Queries. For this, I am passing database name, username and password. I don't want to reveal my password to anyone. So, is there any way that I can encrypt my password and read the... (2 Replies)
Discussion started by: ronitreddy
2 Replies
LEARN ABOUT MOJAVE
sso_util
sso_util(8) BSD System Manager's Manual sso_util(8)
NAME
sso_util -- Kerberos -- Open Directory Single Sign On
SYNOPSIS
sso_util command [-args]
DESCRIPTION
sso_util is a tool for setting up, interrogating and removing Kerberos configurations within the Apple Single Sign On environment. This tool
can configure services, create and consume encrypted config records and tear down Kerberos installations
Commands for sso_util :
info [-p] [-g | -l | -L | -r dir_node_path [dir_node_path]]
Returns information about the current Single Sign On environment
info command arguments:
-p Returns the data in XML format
-g Returns the default Kerberos realm name
-l Returns a list of the services sso_util knows how to Kerberize
-L Returns the default Kerberos log file paths
-r dir_node_path
Returns whether or not the given node has a Kerberos record associated with it. If it does, it returns the default realm
name. If dir_node_path is '.' (default) it also returns all the realm names available on the search path
dir_node_path
specifies the directory node in which to search for the computer record
configure -r REALM -a admin_name [-p password] service
Configures Kerberized services on the local machine for the given realm
configure command arguments:
-r REALM
Kerberos realm for the service principals
-a admin_name
Account name of an administrator authorized to make changes in the Kerberos database
-p password
Password for the above administrator. The password can also be stored in a file and the path to the file can be passed as
an environment variable - SSO_PASSWD_PATH.
service Service can be any number of afp, ftp, imap, pop, smtp, ssh, fcsvr, DNS, or all
useconfig [-u] [-R record_name] [-f dir_node_path] -a admin_name [-p password]
Uses a secure config record to configure a server for Kerberos
configure command arguments:
-u Forces the update, ignoring that the update may already have been installed
-R record_name
Name of the Computer record containing the secure config record
-f dir_node_path
Specifies the directory node in which to find the given computer record
-a admin_name
Account name of an user authorized to use the secure config record (see generateconfig)
-p password
Password for the above user. The password can also be stored in a file and the path to the file can be passed as an envi-
ronment variable - SSO_PASSWD_PATH.
EXAMPLES
To configure a server in realm FOO.COM when you have the Kerberos administrator's password. Store the password in a file and set env var
SSO_PASSWD_PATH to the file path
sso_util configure -r FOO.COM -a kerberos_admin all
To create a secure config record to allow the delegated administrators, Fred and Barney, to configure a server named fred.foo.com in realm
FOO.COM (using an existing computer record). The Open Directory Master for foo.com is odmaster.foo.com. This can be run on any server and
neither Fred nor Barney need to have the Kerberos administrator's password. Store the password in a file and set env var SSO_PASSWD_PATH to
the file path.
sso_util generateconfig -r FOO.COM -R fred.foo.com -f /LDAPv3/odmaster.foo.com -U Fred,Barney -a kerberos_admin all
To use the secure config record to allow Barney to configure the server named fred.foo.com. Store the password in a file and set env var
SSO_PASSWD_PATH to the file path.
sso_util useconfig -R fred.foo.com -f /LDAPv3/odmaster.foo.com -a Barney
FILES
/etc/krb5.keytab The configure and useconfig commands create or modify the krb5.keytab file.
DIAGNOSTICS
You can add -v debug_level to any of the sso_util commands. Debug level 1 provides status information, higher levels add progressively more
levels of detail. The maximum is level 7.
NOTES
The sso_util tool is used by the Apple Single Sign On system to set up Kerberized services integrated with the rest of the Single Sign On
components.
SEE ALSO
kdc(8), kdcsetup(8), kerberos(8), krbservicesetup(8)
Darwin June 1, 2019 Darwin