Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Using Cryptovault for Password

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Using Cryptovault for Password
# 1  
Old 12-06-2010
Using Cryptovault for Password
Does anyone have any experience with this? I am trying to figure out how it works and how you pass the password on within a script so that you aren't prompted for a password.
# 2  
Old 12-06-2010
You can use also expect script.
So if you prompt for password the script enter automatically the predifined pass.
# 3  
Old 12-06-2010
Quote:
Originally Posted by @dagio
You can use also expect script.
So if you prompt for password the script enter automatically the predifined pass.
thanks can you elaborate?

I was told to use the command
getpw -label <label>

but all that does is run the job and go back to command line. If I set the password variable equal to that like..

password=`getpw -label <label>`

I am having trouble passing that to sqlplus
# 4  
Old 12-06-2010
You realize the instant the password leaves the cryptovault it's no longer safe. If you pass it as a commandline parameter, anything could see it.
# 5  
Old 12-06-2010
Quote:
Originally Posted by Corona688
You realize the instant the password leaves the cryptovault it's no longer safe. If you pass it as a commandline parameter, anything could see it.
yes i finally got it working and just realized this. Is there anyway to keep it safe and still be able to pass it to sqlplus within a shell script?

I guess one positive is that the password isn't just hard coded in my param file anymore...
Last edited by k1ko; 12-06-2010 at 06:59 PM..
# 6  
Old 12-07-2010
Quote:
Originally Posted by k1ko
yes i finally got it working and just realized this. Is there anyway to keep it safe and still be able to pass it to sqlplus within a shell script?
You may want to set up circumstances wherein this one, specific user can login this one, specific way without a password. Or some sort of noninteractive login method, if applicable. If and how this can be done varies by DBMS.

If this isn't applicable it is much better to write the password to a pipe than to write it to a file or to pass it as a commandline parameter. If this means writing to a password prompt that insists on a TTY, the expect tool may be able to help you...

Quote:
I guess one positive is that the password isn't just hard coded in my param file anymore...
No, just the parameters for using your cryptovault... If your shell script can use the cryptovault noninteractively, what's stopping anyone else from doing so?
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

2. Shell Programming and Scripting

SFTP prompting for password even though password is in script

Hi All, I am trying to transfer a file from one server to a remote server using SFTP. Client is not ready for key setup. I am working on Solaris 10. Here is the code. #!/bin/ksh # sample automatic Sftp script to dump a file USER="user1" PASSWORD="pass1" HOST="host1" sftp $USER@$HOST... (6 Replies)
Discussion started by: megha2525
6 Replies

3. Shell Programming and Scripting

Where can I get Cryptovault for Unix?

I have searched (Google) and cannot find any reference (except in this forum) to Cryptovault for Unix. Where can I get the source code to this? Does anyone have a link? DC (0 Replies)
Discussion started by: doesntcompute2k
0 Replies

4. UNIX for Dummies Questions & Answers

password protect a CSV file: better solution than ZIP password?

Hi We send *.csv with sensitive data to our customers. Our customers open those files with Excel. A new requirement is that we password protect those CSV files. I thought to pack them with ZIP and assign a password to the archive. But Solaris 10 can't encrypt ZIP files. $ zip -P... (12 Replies)
Discussion started by: slashdotweenie
12 Replies

5. OS X (Apple)

OSX asks password but i don't use a password!!

When i try to install some software OSX asks for a password but i don't use a password at all. Somebody knows a answer please??? asta (4 Replies)
Discussion started by: astapopulos
4 Replies

6. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

7. Shell Programming and Scripting

how to change root password using shell script with standard password

Hi Friends. I am new to scripting now i want to change the root password using the script with standard password. which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Discussion started by: kurva
2 Replies

8. UNIX for Advanced & Expert Users

password verification verify password of a user for only first 8 characters

Helo , I m using linux pam library for user and its password authentication. I m creating new user and giving its password.I m giving password of 10 characters.now when I login in as that newly created user its ask me $ su - ram Password: You are required to change your password immediately... (12 Replies)
Discussion started by: amitpansuria
12 Replies

9. UNIX for Dummies Questions & Answers

Change password by pushing encrypted password to systems

I'm tasked to change a user's password on multiple Linux systems (RH v3). I though copying the encrypted password from one Linux /etc/shadow file to another would work but I was wrong. The long term solution is to establish an openLDAP Directory service, but for now I'm stuck with a manual... (1 Reply)
Discussion started by: benq70
1 Replies
Login or Register to Ask a Question