Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Password hiding in UNIX
Top Forums Shell Programming and Scripting Password hiding in UNIX Post 302841867 by rbatte1 on Thursday 8th of August 2013 05:04:52 AM
Old 08-08-2013
To Scott,

I have dreamed of such a function. Wonderful.


To mohanalakshmi,

Are you wanting to somehow encrypt the password and store it in a file? If so, you need to think of how you are going to mix it up and how you are going to reverse it. Maybe we can help with that, but you jhave to consider how you make the method secure. If someone can read the file and gets the string Krfmase7fjh!kwern and can read you code on how to reverse it, then the can manually follow the process. Even if you convert it to unprintable characters, then they could still use od to get the character codes and work from there.

If your decrypting script does something like this:-
  1. Read access encrypted password from file
  2. Decrypt value and feed to another command in plain text
..... then the above is a problem. If your logic follows more that:-
  1. You store the encrypted password
  2. Another process has to check the user password by encrypting and matching the stored value
... then this may be better, however if you code continues by doing something obvious because the password check is confirmed, then if they can read your code, they can just do the same but exclude the password checking. Consider:-
Code:
read passwd?"What is the password? "
check_password $passwd
if [ $? = 0 ]      # True returned from check_password function for accepted password
then
   vi /data_dir/payroll_file
else
   echo "You are not authorised!"
fi

There is nothing to stop a user reading this and just running vi /data_dir/payroll_file

What are you actually trying to achieve?



Robin
Liverpool/Blackburn
UK
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Hiding password from ps

I'm calling a program with a command line arguement containing a password. while the process is running anyone on the system can ps -ef and see the password. Is there a way to prevent this from happening. example PROGRAM USERNAME/PASSWD I've also tried PROGRAM `cat passfile` ... (7 Replies)
Discussion started by: sudojo
7 Replies

2. IP Networking

Hiding an IP address

Is there anyone who knows how to hide an IP from being logged by the site you are visiting. I know of some paid companies but I am looking for a different solution. Is there some way in UNIX to mask the ip. Help this is urgent. Datopdog (1 Reply)
Discussion started by: datopdog
1 Replies

3. UNIX for Dummies Questions & Answers

Hiding login/password in process!

Hello, I am trying to figure out away to hide a command from users when performing a ps check. I have a ksh that purges a table in a database. If I perform a >ps -eaf |grep ksh, I get the login id and password. I do not want other users seeing this. Is there a way to hide this. The login... (5 Replies)
Discussion started by: ctcuser
5 Replies

4. UNIX for Advanced & Expert Users

Hiding files in unix/linux

Can Anybody please help me with the command in Unix/Linux which can help me hide the files which is equal to ATTRIB in DOS Not using . , but any commands in unix which will do this if you any script which will do this ,it will be very helpful Its very URGENT Regards Victor (9 Replies)
Discussion started by: victorvvk
9 Replies

5. Shell Programming and Scripting

Hiding password for FTP in a script

Hi, I have a simple script to ftp from unix to a mainframe to get and put files. Currently I have the password setup in a VARS file and dereference the var in my script. Doing it this way allws me to change the password in only one place but it is still viewable for many people. Is there any... (6 Replies)
Discussion started by: Cass3
6 Replies

6. UNIX for Dummies Questions & Answers

Hiding Password

Hello. A bit of a puzzle here: I have a 3rd party executable, which requires the following parameters: parm1 = program_name, parm2=userid/password, parm3=additional flags. We tried passing password as a variable, but you can do grep, and see what the password actually is I found a bit... (2 Replies)
Discussion started by: Kishinevetz
2 Replies

7. UNIX for Dummies Questions & Answers

New Approach Hiding login password from ps -ef

Hello all , I looked up this site for solutions to hide login info from ps -ef | grep like using a seperate file and store the password in that especially for oracle sqlplus scripts. I just got this thought , But dont know how to implement this in UNIX. Is there a way to revoke access from... (17 Replies)
Discussion started by: simonsimon
17 Replies

8. Programming

C++ overriding Vs hiding

class B { public: void fns(void){//base def;} }; class D:public B { public: void fns(void) {//new def;} }; I was thinking the above is overriding but somewhere else i found the above is just hiding.Only virtual functions can be considered as overriding? This is the exact statement ... (1 Reply)
Discussion started by: johnbach
1 Replies

9. Shell Programming and Scripting

Scripting help/advise on hiding/masking username/password

Hi, I currently have a UNIX script with a function that uses a username and password to connect to the database, retrieve some information and then exit. At the moment, am getting the username and password from a hidden plain text file and permission set to -r--------, i.e. read only to who... (1 Reply)
Discussion started by: newbie_01
1 Replies

10. Shell Programming and Scripting

Remote call not hiding password fields

Not sure on the description, but here is a quick rundown. I have 2 servers, we'll call them serverA serverB On serverB, I am calling a script that inside it has the following: ssh srvdsadm@serverB sudo -u dsadm /opt/apps/DataStage/scripts/autoDeploy.sh ${projName} ${subProjVar}... (1 Reply)
Discussion started by: cbo0485
1 Replies

LEARN ABOUT CENTOS

radcrypt

RADCRYPT(8)						      System Manager's Manual						       RADCRYPT(8)

NAME

       radcrypt - generate password hash for use with radius, or validates a password hash

SYNOPSIS

       radcrypt [-d|--des] [-m|--md5] [-c|--check] plaintext_password [hashed_password]

DESCRIPTION

       radcrypt  generates  a  hashed digest of a plaintext password, or can validate if a password hash matches a plaintext password. DES and MD5
       hashes are currently supported. When generating a password hash a random salt is generated and applied.

       A hashed password can be validated by specifying -c or --check and passing hashed_password after plaintext_password on  the  command  line.
       In this case hashed_password will be checked to see if it matches plaintext_password. If so "Password OK" will be printed and the exit sta-
       tus will be 1, otherwise "Password BAD" will be printed and exit status will be 0 (Note this is the opposite of a normal  successful  shell
       status).

OPTIONS

       -d --des
	      Use a DES (Data Encryption Standard) hash (default).  Ignored if performing a password check.

       -m --md5
	      Use a MD5 (Message Digest 5) hash.  Ignored if performing a password check.

       -c --check
	      Perform a validation check on a password hash to verify if it matches the plantext password.

EXAMPLES

       $ radcrypt foobar
       HaX0xn7Qy650Q
       $ radcrypt -c foobar HaX0xn7Qy650Q
       Password OK

SEE ALSO

       radiusd(8), crypt(3)

AUTHORS

       Miquel van Smoorenburg <miquels@cistron-office.nl>

																       RADCRYPT(8)
All times are GMT -4. The time now is 09:21 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy