Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Encrypt a hardcoded passwd
Operating Systems Solaris Encrypt a hardcoded passwd Post 302778255 by bakunin on Sunday 10th of March 2013 08:12:35 AM
Old 03-10-2013
Even if you encrypt the password somehow you would have to provide a mechanism available to the script to decrypt it, so you gain nothing. It is a fact that "ftp" uses clear-text passwords and this intrinsic insecurity cannot be changed or alleviated in any way. As the password is sent clear-text over the net in the login process every interested party can sniff it from there too. There is no way to prevent this. (Btw., the same is true for "telnet" and the other classical means of connecting from one system to the other.)

The only way is to use a securified means of communication: ssh/scp to be precise. In this case the password gets transmitted in an encrypted form, so sniffing is ruled out. You can also set up a "chain of trust" between two user/host-combinations so that userA from hostA can connect as userB to hostB without using a password (so you don't have to state one in your script) but using an exchanged secret both involved parties know. The basic procedure is to connect once, identified by the password and then to store the other hosts secret to a config file so that further connections do not need a password any more.

We have several threads dealing with the setup of such a mechanism, so i suggest you do a forum search for "scp" and/or "ssh" installation.

I hope this helps.

bakunin
 

10 More Discussions You Might Find Interesting

1. Programming

Help with encrypt function

Hi there, I need to include a simple encryption function in a C program and I came across this function void encrypt(char block, int edflag) whic is defined in #include des_crypt.h. According the man "the block argument to encrypt() is a character array of length 64 containing only the... (1 Reply)
Discussion started by: giggi
1 Replies

2. Shell Programming and Scripting

Tr utility to Encrypt

I need some help.. I would like to make a script that uses the tr utility to "encrypt" a selected file. I need to know how to set up the script so that if i type encrypt(script name) the letter that i want to start the encryption and then the file name, that it starts with the entered letter, and... (1 Reply)
Discussion started by: frankthetank115
1 Replies

3. Shell Programming and Scripting

encrypt my sctipt

Hai , is there any encrypt machanishm to protect my script or logic? (4 Replies)
Discussion started by: readycpbala
4 Replies

4. Shell Programming and Scripting

connection string is hardcoded

Hi, I have many perl scripts in single server, i am new to perl, suggestions are appreciated. connection string is hardcoded in all perl scripts i need to make change the all perl scripts and there should be only one config file available in that server. destination database is mysql... (3 Replies)
Discussion started by: prakash.gr
3 Replies

5. Shell Programming and Scripting

How to Encrypt password

Hello, I have a paramter file, In which I store all the user-ids and passwords for the project. So if a user just invokes the paramter file he has access to all the variables, which i have exported in the parmatere file. Now if a user echo's the variable which stores the databse password.... (1 Reply)
Discussion started by: DSDexter
1 Replies

6. UNIX for Dummies Questions & Answers

how to enter hardcoded password automatically

In the script i am passing a command from script which is called from cron. When this command is called from cron the unix prompt asks for password. Can we automatically enter the password when promted(if the password is hardcoded in script)?? Please let me know how to enter the password... (4 Replies)
Discussion started by: abhi_n123
4 Replies

7. Solaris

passwd cmd reenables passwd aging in shadow entry

Hi Folks, I have Solaris 10, latest release. We have passwd aging set in /etc/defalut/passwd. I have an account that passwd should never expire. Acheived by emptying associated users shadow file entries for passwd aging. When I reset the users passwd using passwd command, it re enables... (3 Replies)
Discussion started by: BG_JrAdmin
3 Replies

8. UNIX for Dummies Questions & Answers

Issue with use of Configuration file instead of hardcoded values inside the script

Hi, My code works perfectly fine. But, $my $min_to_add = 1 * 1 * 60; and my $hr_to_sub = 1 * 1 * 86400; i may need to change the values in future. so am keeping them in a separate configuration file like MIN = 1 * 1 * 60 HR = 24 * 60 * 60 in the script, i use a package use et_config... (3 Replies)
Discussion started by: irudayaraj
3 Replies

9. Shell Programming and Scripting

Need help with file encrypt

Hi I need to encrypt the below file using the translate command to shift each letter five characters to the end of the character set. ALPHABETICAL FACTS. THE FIRST THREE LETTERS ARE ABC. THE MEDIAN LETTERS ARE MN. THE LAST THREE LETTERS ARE XYZ. THE FIRST WORD IN MY DISCTIONARY IS AAL. THE... (1 Reply)
Discussion started by: drew211
1 Replies

10. AIX

When did AIX start using /etc/security/passwd instead of /etc/passwd to store encrypted passwords?

Does anyone know when AIX started using /etc/security/passwd instead of /etc/passwd to store encrypted passwords? (1 Reply)
Discussion started by: Anne Neville
1 Replies

LEARN ABOUT OPENSOLARIS

scp

scp(1)								   User Commands							    scp(1)

NAME

       scp - secure copy (remote file copy program)

SYNOPSIS

       scp [-pqrvBC46] [-F ssh_config] [-S program] [-P port]
	    [-c cipher] [-i identity_file] [-o ssh_option]
	    [ [user@]host1:]file1 []... [ [user@]host2:]file2

DESCRIPTION

       The  scp  utility  copies files between hosts on a network. It uses ssh(1) for data transfer, and uses the same authentication and provides
       the same security as ssh(1). Unlike rcp(1), scp will ask for passwords or passphrases if they are needed for authentication.

       Any file name may contain a host and user specification to indicate that the file is to be copied to/from that  host.  Copies  between  two
       remote hosts are permitted.

OPTIONS

       The following options are supported:

       -4		   Forces scp to use IPv4 addresses only.

       -6		   Forces scp to use IPv6 addresses only.

       -B		   Selects batch mode. (Prevents asking for passwords or passphrases.)

       -c cipher	   Selects the cipher to use for encrypting the data transfer. This option is directly passed to ssh(1).

       -C		   Compression enable. Passes the -C flag to ssh(1) to enable compression.

       -F ssh_config	   Specifies an alternative per-user configuration file for ssh(1.).

       -i identity_file    Selects  the  file from which the identity (private key) for RSA authentication is read. This option is directly passed
			   to ssh(1).

       -o ssh_option	   The given option is directly passed to ssh(1).

       -p		   Preserves modification times, access times, and modes from the original file.

       -P port		   Specifies the port to connect to on the remote host. Notice that this option is written with a capital `P', because	-p
			   is already reserved for preserving the times and modes of the file in rcp(1).

       -q		   Disables the progress meter.

       -r		   Recursively copies entire directories.

       -S program	   Specifies the name of the program to use for the encrypted connection. The program must understand ssh(1) options.

       -v		   Verbose mode. Causes scp and ssh(1) to print debugging messages about their progress. This is helpful in debugging con-
			   nection, authentication, and configuration problems.

OPERANDS

       The following operands are supported:

       host1, host2,...    The name(s) of the host from or to which the file is to be copied.

       file1, file2,...    The file(s) to be copied.

EXIT STATUS

       The following exit values are returned:

       0    Successful completion.

       1    An error occurred.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWsshu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       rcp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), sshd(1M), ssh_config(4), attributes(5)

NOTES

       Generally, use of scp with password or keyboard-interactive authentication  method and two remote hosts does not work. It  does	work  with
       either  the  pubkey,   hostbased or gssapi-keyex authentication method. For the pubkey authentication  method, either private keys not pro-
       tected by a passphrase, or an explicit ssh  agent forwarding have to be used. The gssapi-keyex authentication method  works with  the  ker-
       beros_v5 GSS-API mechanism, but only if	the GSSAPIDelegateCredentials option is enabled.

SunOS 5.11							    22 Jun 2007 							    scp(1)
All times are GMT -4. The time now is 07:28 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy