Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Make a password protected bash script resist/refuse “bash -x” when the password is given
Top Forums Shell Programming and Scripting Make a password protected bash script resist/refuse “bash -x” when the password is given Post 302878900 by Corona688 on Monday 9th of December 2013 12:36:07 PM
Old 12-09-2013
You cannot because, no matter how you hide it, when you run it, it will feed the complete unencrypted text into the shell. It has to, or else system() couldn't run it!

That is always the problem with rube goldberg solutions. The code will always still be there, and has to contain all the necessary steps for decrypting itself in plain, or it won't work.

Adding more hoops will not help, since they can ignore everything but the last "hoop" -- the shell.

We have been down this road many, many, many times before. There is no magic solution to keeping running code protected on a system you do not trust. Your real options remain as I gave them.
This User Gave Thanks to Corona688 For This Post:
frad
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

How to make script password protected

Hi All, I want to make my script password protected. i e: if somebody runs my script it should prompt for password. Can somebody help me in to execute the same?? Thanks in Advance :b: (11 Replies)
Discussion started by: achararun
11 Replies

2. OS X (Apple)

Bash script prompt for sudo password?

I'm making a script that will be a double clickable .command file and I need it to prompt for the users admin password. So far I have: if ]; then sudo -p "Please enter your admin password: " date 2>/dev/null 1>&2 if ; then echo "You entered an invalid password... (2 Replies)
Discussion started by: PatGmac
2 Replies

3. Shell Programming and Scripting

How to make files/folders Password protected

Any idea how to make files/folders password protected... I dont want to change the permissions of the files/folders... (1 Reply)
Discussion started by: know d unknown
1 Replies

4. Shell Programming and Scripting

Passing a MySql password from bash script

Hi all, I am running this script on Mandrakelinux release 10.1, 2.6.8.1-12mdksmp #1 SMP I have also installed 'expect' separately. I have created an Rsync script, but before any Rsync command does run, a MySql dump must be done first, and I am battling a bit to pass the MySql password from... (2 Replies)
Discussion started by: codenjanod
2 Replies

5. Shell Programming and Scripting

Best way to hide password in bash script?

Dear folks, The title of my thread says mostly all of what I want to do. Basically I want to auto-ssh to a remote host, and run a program on it (VLC is just an example). I wrote a script which calls xterm and then runs expect on it. The code is as follow #!/bin/bash export PASS="xxxxxxx"... (22 Replies)
Discussion started by: dukevn
22 Replies

6. Shell Programming and Scripting

bash script for password recovery

Hi all, I'm a complete newbie to bash scripting, although I have some experience in programming. The thing is that I have a .dmg file on my mac which I protected with a password, and now I've forgotten it. I remember the first few letters of the password and the characters that represent the... (4 Replies)
Discussion started by: sujay.jauhar
4 Replies

7. Shell Programming and Scripting

Feeding password in bash script

Hello I am doing some test. In a script I have to call a change password routine ( ldap ) which ask confirmation. This can be done from terminal. Is there a way to do something like this : #!/bin/bash # blabla blabla blabla blabla # changing_password_routine user_name... (2 Replies)
Discussion started by: jcdole
2 Replies

8. Shell Programming and Scripting

Masking Password from within a Bash Shell Script

Is there a way to mask the password inside of a script to minimize the impact of a comprimised server? So ssh -o "PasswordAuthentication no" -o "HostbasedAuthentication yes" -l testuser 192.168.3.1 "mysqldump --opt --all-databases -u root -pPassword| gzip" > $backup_dir/mysqldump.gz a... (2 Replies)
Discussion started by: metallica1973
2 Replies

9. Shell Programming and Scripting

Password check in bash script calling on expect

password check in bash script calling on expect Background: I have to copy a file from one server, to over 100 servers in a test environment. once the file is copied, it requires to have the permissions on the file changed/verified. These are all linux servers. most of them have the same... (1 Reply)
Discussion started by: 2legit2quit
1 Replies

10. Shell Programming and Scripting

Bash script for password changes help

I am super new to scripting and I am trying to create a bash script that is interactive that will change other user passwords as well as a few other thing (ie. change SMB pw, see pw expiration,lock/unlock user). I have started it by making it check to see if the username entered is in the... (2 Replies)
Discussion started by: thumbelina
2 Replies

LEARN ABOUT DEBIAN

tentacle_client

TENTACLE_CLIENT(1)					   Client file transfer protocol					TENTACLE_CLIENT(1)

NAME

       tentacle_client - a client file transfer protocol

SYNOPSIS

       tentacle_client <options> Tentacle is a client/server file transfer protocol that aims to be:

       -   Executable programs or shell commands
       -   System calls (functions provided by the kernel)
       -   Library calls (functions within program libraries)

       Tentacle  was  created  to  replace  more complex tools like SCP and FTP for simple file transfer/retrieval, and switch from authentication
       mechanisms like .netrc, interactive logins and SSH keys to X.509 certificates. Simple password authentication over a SSL secured connection
       is supported too.

       The  client  and  server  (TCP port 41121) are designed to be run from the command line or called from a shell script, and no configuration
       files are needed.

       Tentacle is now the default file transfer method for Pandora FMS and Babel Enterprise.

       Tentacle is implemented in Perl and ANSI C (Windows platforms included).

       You can download it and get more information at the official Sourceforge website http://tentacled.sourceforge.net/.

OPTIONS

       Tentacle Client options :
	      -a address : Server address (default 127.0.0.1).
	      -c : Enable SSL without a client certificate.
	      -e cert : OpenSSL certificate file. Enables SSL.
	      -f ca : Verify that the peer certificate is signed by a ca.
	      -g : Get files from the server.
	      -h : Show help.
	      -k key : OpenSSL private key file.
	      -p port : Server port (default 41121).
	      -q : Quiet. Do now print error messages.
	      -r number : Number of retries for network operations (default 3).
	      -t time : Time-out for network operations in seconds (default 1s).
	      -v : Be verbose.
	      -w : Prompt for OpenSSL private key password.
	      -x pwd : Server password.

EXAMPLES

       tentacle_client -a 192.168.1.1 -v /bin/bash
	      Simple file transfer with maximum file size set to 1MB

       tentacle_client -a 192.168.1.1 -x password -v /bin/bash
	      Simple file transfer with password authentication (not secure)

       tentacle_client -a 192.168.1.1 -x password -e cert.pem -k key.pem -v /bin/bash
	      Secure file transfer with client certificate and password authentication

NOTES

       Tentacle requires Perl 5.8 or higher to works

SEE ALSO

       tentacle_server(1), pandora_server(1), pandora_agent(1)

0.2.0								    2010-05-11							TENTACLE_CLIENT(1)
All times are GMT -4. The time now is 05:23 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy