Are you wanting to somehow encrypt the password and store it in a file? If so, you need to think of how you are going to mix it up and how you are going to reverse it. Maybe we can help with that, but you jhave to consider how you make the method secure. If someone can read the file and gets the string Krfmase7fjh!kwern and can read you code on how to reverse it, then the can manually follow the process. Even if you convert it to unprintable characters, then they could still use od to get the character codes and work from there.
If your decrypting script does something like this:-
Read access encrypted password from file
Decrypt value and feed to another command in plain text
..... then the above is a problem. If your logic follows more that:-
You store the encrypted password
Another process has to check the user password by encrypting and matching the stored value
... then this may be better, however if you code continues by doing something obvious because the password check is confirmed, then if they can read your code, they can just do the same but exclude the password checking. Consider:-
There is nothing to stop a user reading this and just running vi /data_dir/payroll_file
I'm calling a program with a command line arguement containing a password. while the process is running anyone on the system can ps -ef and see the password. Is there a way to prevent this from happening.
example
PROGRAM USERNAME/PASSWD
I've also tried
PROGRAM `cat passfile`
... (7 Replies)
Is there anyone who knows how to hide an IP from being logged by the site you are visiting. I know of some paid companies but I am looking for a different solution. Is there some way in UNIX to mask the ip.
Help this is urgent.
Datopdog (1 Reply)
Hello,
I am trying to figure out away to hide a command from users when performing a ps check. I have a ksh that purges a table in a database. If I perform a >ps -eaf |grep ksh, I get the login id and password. I do not want other users seeing this. Is there a way to hide this. The login... (5 Replies)
Can Anybody please help me with the command in Unix/Linux which can help me hide the files which is equal to ATTRIB in DOS
Not using . , but any commands in unix which will do this
if you any script which will do this ,it will be very helpful
Its very URGENT
Regards
Victor (9 Replies)
Hi,
I have a simple script to ftp from unix to a mainframe to get and put files. Currently I have the password setup in a VARS file and dereference the var in my script. Doing it this way allws me to change the password in only one place but it is still viewable for many people. Is there any... (6 Replies)
Hello. A bit of a puzzle here:
I have a 3rd party executable, which requires the following parameters:
parm1 = program_name, parm2=userid/password, parm3=additional flags.
We tried passing password as a variable, but you can do grep, and see what the password actually is
I found a bit... (2 Replies)
Hello all ,
I looked up this site for solutions to hide login info from ps -ef | grep like using a seperate file and store the password in that especially for oracle sqlplus scripts.
I just got this thought , But dont know how to implement this in UNIX.
Is there a way to revoke access from... (17 Replies)
class B
{
public:
void fns(void){//base def;}
};
class D:public B
{
public:
void fns(void) {//new def;}
};
I was thinking the above is overriding but somewhere else i found the above is just hiding.Only virtual functions can be considered as overriding?
This is the exact statement ... (1 Reply)
Hi,
I currently have a UNIX script with a function that uses a username and password to connect to the database, retrieve some information and then exit.
At the moment, am getting the username and password from a hidden plain text file and permission set to -r--------, i.e. read only to who... (1 Reply)
Not sure on the description, but here is a quick rundown.
I have 2 servers, we'll call them
serverA
serverB
On serverB, I am calling a script that inside it has the following:
ssh srvdsadm@serverB sudo -u dsadm /opt/apps/DataStage/scripts/autoDeploy.sh ${projName} ${subProjVar}... (1 Reply)
Discussion started by: cbo0485
1 Replies
LEARN ABOUT SUSE
shadow
SHADOW(5) File Formats Manual SHADOW(5)NAME
shadow - encrypted password file
DESCRIPTION
shadow contains the encrypted password information for user's accounts and optional the password aging information. Included is
Login name
Encrypted password
Days since Jan 1, 1970 that password was last changed
Days before password may be changed
Days after which password must be changed
Days before password is to expire that user is warned
Days after password expires that account is disabled
Days since Jan 1, 1970 that account is disabled
A reserved field
The password field must be filled. The encryped password consists of 13 to 24 characters from the 64 characters alphabet a thru z, A thru
Z, 0 thru 9, . and /. Optionally it can start with a "$" character. This means the encrypted password was generated using another (not DES)
algorithm. For example if it starts with "$1$" it means the MD5-based algorithm was used.
Refer to crypt(3) for details on how this string is interpreted.
The date of the last password change is given as the number of days since Jan 1, 1970. The password may not be changed again until the
proper number of days have passed, and must be changed after the maximum number of days. If the minimum number of days required is greater
than the maximum number of day allowed, this password may not be changed by the user.
An account is considered to be inactive and is disabled if the password is not changed within the specified number of days after the pass-
word expires. An account will also be disabled on the specified day regardless of other password expiration information.
This information supercedes any password or password age information present in /etc/passwd.
This file must not be readable by regular users if password security is to be maintained.
FILES
/etc/passwd - user account information
/etc/shadow - encrypted user passwords
SEE ALSO chage(1), login(1), passwd(1), su(1), passwd(5), pwconv(8), pwunconv(8), sulogin(8)AUTHOR
Julianne Frances Haugh (jockgrrl@ix.netcom.com)
SHADOW(5)