How would he actually use this, though? If the script didn't contain a password for the password, it would have to ask for one every time. And if it did contain a password for the password, it would decrypt itself for the hacker's convenience just by running it.
And either way, it's still unprotected from interception before it gets sent to the shell.
I have a faint glimmer of an idea which involves an ssh server set up somewhere just to serve keys... But in the end, it always comes down to running the code somewhere else.
Last edited by Corona688; 01-23-2014 at 11:08 AM..
Hi,
I do not want the plaintext password to appear in the netrc file. So I want to encrypt the password. Is there a way to encrypt the password and still make ftp to use the netrc ?
Thanks in advance.
-Gow:confused: (2 Replies)
I'm tasked to change a user's password on multiple Linux systems (RH v3). I though copying the encrypted password from one Linux /etc/shadow file to another would work but I was wrong.
The long term solution is to establish an openLDAP Directory service, but for now I'm stuck with a manual... (1 Reply)
I have a Solaris 5.9 server and need send information via SFTP automaticaly, and set my username and password encrypted. How can I do this?
Best regards (1 Reply)
We are currently using a script to copy the same encrypted password between our HP-UX and Solaris servers editing the trusted and shadow files directly. The encrypted password is only 13 characters long on both servers and decrypts the same way. Is there a way to copy this same string to Linux... (5 Replies)
Actually in my application there is an XML file. The password and the user name for the database that I need to access the development box is stored there.
But using some UNIX command I am able to access the raw content of the file and not the decrypted code for that password. When I am applying... (3 Replies)
Hi folks,
What will be the easy way to decrypt encrypted passwords on MySQL table. Googling brought me many suggestions on crypt/decrypt running scripts. Please advise. TIA
Remark:
I think the encrypt function of MySQL uses the Unix crypt command to encrypt
B.R.
satimis (1 Reply)
Hi
I wonder whether is possible to generate enrypted passwd for some user and paste it into /etc/shadow file ?
What kind of encryption is used in /etc/shadow file ?
ths for help. (1 Reply)
i have an application that uses the encrypted password that's in the /etc/shadow file.
i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios.
this application allowed that... (5 Replies)
Hello, on my android device my app autosaves my password and it encrypts by TLS
im not politically exposed person, just regular entrepreneur. Should i worry if i loose my phone with TLS encrypted password? Or regular mortals or casual hackers are not able to crack it? (4 Replies)
Discussion started by: postcd
4 Replies
LEARN ABOUT SUSE
pmt-ehd
pmt-ehd(8) pam_mount pmt-ehd(8)Name
pmt-ehd - create an encrypted disk image
Syntax
pmt-ehd [-DFx] [-c fscipher] [-h digest] [-i cipher] [-k fscipher_keybits] [-t fstype] -f container_path -p fskey_path -s size_in_mb
Options
Mandatory options that are absent are inquired interactively, and pmt-ehd will exit if stdin is not a terminal.
-D Turn on debugging strings.
-F Force operation that would otherwise ask for interactive confirmation. Multiple -F can be specified to apply more force.
-c cipher
The cipher to be used for the filesystem. This can take any value that cryptsetup(8) recognizes, usually in the form of "cipher-
mode[-extras]". Recommended are aes-cbc-essiv:sha256 (this is the default) or blowfish-cbc-essiv:sha256.
-f path
Store the new disk image at path. If the file already exists, pmt-ehd will prompt before overwriting unless -F is given. If path
refers to a symlink, pmt-ehd will act even more cautious.
-h digest
Digest used for fskey derivation from the password. This can take any value that OpenSSL recognizes. The default is sha1.
-i cipher
Cipher used for the filesystem key (not the encrypted filesystem itself). This can take any value that OpenSSL recognizes, usually
in the form of "cipher-keysize-mode". Recommended is aes-256-cbc (this is the default).
-k keybits
The keysize for the cipher specified with -c. Some ciphers support multiple keysizes, AES for example is available with at least the
keysizes 192 and 256. Example: -c aes-cbc-essiv:sha256 -k 192. The default is 256.
-p path
Store the filesystem key at path. The filesystem key is the ultimate key to open the encrypted filesystem, and the fs key itself is
encrypted with your password.
-s size
The initial size of the encrypted filesystem, in megabytes. This option is ignored when the filesystem is created on a block device.
-t fstype
Filesystem to use for the encrypted filesystem. Defaults to xfs.
-u user
Give the container and fskey files to user (because the program is usually runs as root, and the files would otherwise retain root
ownership).
-x Do not initialize the container with random bytes. This may impact secrecy.
Description
pmt-ehd can be used to create a new encrypted container, and replaces the previous mkehd script as well as any HOWTOs that explain how to
do it manually. Without any arguments, pmt-ehd will interactively ask for all missing parameters. To create a container with a size of 256
MB, use:
pmt-ehd -f /home/user.key -p /home/user.enc -s 256
pam_mount 2008-09-16 pmt-ehd(8)