Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Encrypted password in script
Top Forums Shell Programming and Scripting Encrypted password in script Post 302885060 by Corona688 on Thursday 23rd of January 2014 10:00:21 AM
Old 01-23-2014
Quote:
Originally Posted by in2nix4life
You can use openssl:

Code:
ENCRYPT
echo "secretpassword" | openssl aes-256-cbc -a -salt
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
U2FsdGVkX19T5h74/9HOtWBX4WoIggVKksYf7L1WBso=

DECRYPT
echo "U2FsdGVkX19T5h74/9HOtWBX4WoIggVKksYf7L1WBso=" | openssl aes-256-cbc -a -d -salt
enter aes-256-cbc decryption password:
secretpassword

How would he actually use this, though? If the script didn't contain a password for the password, it would have to ask for one every time. And if it did contain a password for the password, it would decrypt itself for the hacker's convenience just by running it.

And either way, it's still unprotected from interception before it gets sent to the shell.

I have a faint glimmer of an idea which involves an ssh server set up somewhere just to serve keys... But in the end, it always comes down to running the code somewhere else.
Last edited by Corona688; 01-23-2014 at 11:08 AM..
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

netrc file encrypted password

Hi, I do not want the plaintext password to appear in the netrc file. So I want to encrypt the password. Is there a way to encrypt the password and still make ftp to use the netrc ? Thanks in advance. -Gow:confused: (2 Replies)
Discussion started by: ggowrish
2 Replies

2. UNIX for Dummies Questions & Answers

Change password by pushing encrypted password to systems

I'm tasked to change a user's password on multiple Linux systems (RH v3). I though copying the encrypted password from one Linux /etc/shadow file to another would work but I was wrong. The long term solution is to establish an openLDAP Directory service, but for now I'm stuck with a manual... (1 Reply)
Discussion started by: benq70
1 Replies

3. Solaris

how can i send via SFTP information with my password encrypted?

I have a Solaris 5.9 server and need send information via SFTP automaticaly, and set my username and password encrypted. How can I do this? Best regards (1 Reply)
Discussion started by: irasela
1 Replies

4. Linux

Interpreting the encrypted shadow password?

We are currently using a script to copy the same encrypted password between our HP-UX and Solaris servers editing the trusted and shadow files directly. The encrypted password is only 13 characters long on both servers and decrypts the same way. Is there a way to copy this same string to Linux... (5 Replies)
Discussion started by: keelba
5 Replies

5. UNIX for Dummies Questions & Answers

How to : Identify the the password is encrypted or not in /etc/shadow or /etc/passwd?

Thanks AVKlinux (11 Replies)
Discussion started by: avklinux
11 Replies

6. UNIX and Linux Applications

Accessing Oracle via encrypted password

Actually in my application there is an XML file. The password and the user name for the database that I need to access the development box is stored there. But using some UNIX command I am able to access the raw content of the file and not the decrypted code for that password. When I am applying... (3 Replies)
Discussion started by: nandumishra
3 Replies

7. Shell Programming and Scripting

To decrypt encrypted password

Hi folks, What will be the easy way to decrypt encrypted passwords on MySQL table. Googling brought me many suggestions on crypt/decrypt running scripts. Please advise. TIA Remark: I think the encrypt function of MySQL uses the Unix crypt command to encrypt B.R. satimis (1 Reply)
Discussion started by: satimis
1 Replies

8. UNIX for Advanced & Expert Users

/etc/shadow encrypted password

Hi I wonder whether is possible to generate enrypted passwd for some user and paste it into /etc/shadow file ? What kind of encryption is used in /etc/shadow file ? ths for help. (1 Reply)
Discussion started by: presul
1 Replies

9. UNIX for Dummies Questions & Answers

Using the encrypted password of the shadow file

i have an application that uses the encrypted password that's in the /etc/shadow file. i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios. this application allowed that... (5 Replies)
Discussion started by: SkySmart
5 Replies

10. Cybersecurity

Is TLS encrypted password safe?

Hello, on my android device my app autosaves my password and it encrypts by TLS im not politically exposed person, just regular entrepreneur. Should i worry if i loose my phone with TLS encrypted password? Or regular mortals or casual hackers are not able to crack it? (4 Replies)
Discussion started by: postcd
4 Replies

LEARN ABOUT CENTOS

lpasswd

lpasswd(1)						      General Commands Manual							lpasswd(1)

NAME

       lpasswd - Change group or user password

SYNOPSIS

       lpasswd [OPTION]... [name]

DESCRIPTION

       Changes password of user or group name.

       If  the	name  argument is not provided, username of the invoking user is used; the name argument is ignored if lpasswd is run set-uid to a
       different user.

       Entering an empty password (by pressing Enter) aborts the password setting operation.

OPTIONS

       -F, --plainpassword-fd=fd
	      Read password from file descriptor fd, terminated by end of file, '
' or '
'.

       -f, --password-fd=fd
	      Read password hash from file descriptor fd, terminated by end of file, '
' or '
'.

       -g, --group
	      Change password of group name.  By default the password of user name is changed.

       -i, --interactive
	      Ask all questions when connecting to the user database, even if default answers are set up in libuser configuration.

       -P, --plainpassword=password
	      Set the password to password.  Note that the password can be viewed while running lpasswd using tools such as ps(1).

       -p, --password=encrypted
	      Set the password to the password represented by the hash encrypted.  Note that the hash can be viewed while  running  lpasswd  using
	      tools such as ps(1).

EXIT STATUS

       The exit status is 0 on success, nonzero on error.

libuser 							    Jan 12 2005 							lpasswd(1)
All times are GMT -4. The time now is 02:33 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy