Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

How to hide password in shell script?

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting How to hide password in shell script?
# 8  
Old 09-22-2017
My DB days are gone for quite long time, and my sql has corroded away, but as far as I recall, sqlldr is an independent command of its own and thus should not occur in the input stream of sqlplus, i.e. it should disappear from the "here document"?
# 9  
Old 09-22-2017
Quote:
Originally Posted by Jaewong
Thanks.
I knew there is no security indeed.
BUT, it is our silly company policy that does not want the user name and password put in the same place in the same script.
Not entirely silly, it's halfway to a real solution, but only halfway. The password file can be placed at a remove via ownerships and file permissions. Then you can use sudo to run the script, so that only the script and nothing else can read the password file.
# 10  
Old 09-25-2017
Hi Don, what do you mean by the follows ?
Do you mean to name the credential file with loginName and password as "xxxx.secret" ?
If so, I tried to name it as "login.secret", but it can still show up with "ls" command.

" To make it slightly less obvious to people looking for passwords, I would suggest that the last component of the absolute path named by DATAFILE should have a period as the first character (such as .secret) so it won't show up in an ls command unless the -a option is included. "
# 11  
Old 09-25-2017
Quote:
Originally Posted by Jaewong
Hi Don, what do you mean by the follows ?
Do you mean to name the credential file with loginName and password as "xxxx.secret" ?
If so, I tried to name it as "login.secret", but it can still show up with "ls" command.

" To make it slightly less obvious to people looking for passwords, I would suggest that the last component of the absolute path named by DATAFILE should have a period as the first character (such as .secret) so it won't show up in an ls command unless the -a option is included. "
That is not what I said. Look more closely at the red text in your quote from my earlier message above.
The first character of xxx.secret and login.secret is not a period so they will not be hidden when listed by ls. If you name the file .secret (with a period as the first character as I suggested), it will not show up in ls output unless you include the -a option on the ls command.
# 12  
Old 09-25-2017
You can echo the username and password and pipe it into either sqlplus or sqlldr.

Code:
echo "${USERNAME}/${PASSWORD}@${TNS_ALIAS}" | sqlplus ...
echo "${USERNAME}/${PASSWORD}@${TNS_ALIAS}" | sqlldr ...

You can also create a password file under your $HOME/.ssh directory and have a separate script read that file and store the passwords as local environment variables. Meaning to add the word export. If someone can log on as the Oracle user on a Linux/Unix system they can authenticate using the us user.

Code:
sqlplus '/as sysdba'

Thus you already need to keep the $HOME/.ssh locked down, so that is the best place to keep passwords.
# 13  
Old 09-25-2017
Quote:
Originally Posted by Jaewong
Hi Don, what do you mean by the follows ?
Do you mean to name the credential file with loginName and password as "xxxx.secret" ?
If so, I tried to name it as "login.secret", but it can still show up with "ls" command.
Hiding it is pointless.

If you want to secure it so people won't get at it, secure it so people can't get at it. UNIX has file permissions for a reason.
Last edited by Corona688; 09-25-2017 at 12:42 PM..
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Expect Script - Hide password from process table

i have an expect script that runs like this: /usr/bin/expect -f /home/skysmart/commandstoexecute.sh host2.net b$4aff Skysmart when i run this command, and i do a ps -ef and egrep for expect, i see the exact line in the process table and it shows my password for the world to see. how can i... (2 Replies)
Discussion started by: SkySmart
2 Replies

2. Shell Programming and Scripting

How to hide/encrypt password in script?

Hi I have following problem Im writing a script (in bash ) , where need to be written login & passwd for databas client . Its need to in following form login passwd@dbhostname . The problem is so anybody can read it so the passwd & login are visible and thats not very safety . Can... (8 Replies)
Discussion started by: kvok
8 Replies

3. Shell Programming and Scripting

Best way to hide password in bash script?

Dear folks, The title of my thread says mostly all of what I want to do. Basically I want to auto-ssh to a remote host, and run a program on it (VLC is just an example). I wrote a script which calls xterm and then runs expect on it. The code is as follow #!/bin/bash export PASS="xxxxxxx"... (22 Replies)
Discussion started by: dukevn
22 Replies

4. UNIX for Dummies Questions & Answers

How can i hide username/password

hi all, i run sqlplus command on unix(HP-UX) like "sqlplus username/password@serverA @deneme.sql" but when someone run "ps -ef | grep sqlplus", it can see my username and password :( How can i hide username and password. thanx. (1 Reply)
Discussion started by: temhem
1 Replies

5. Shell Programming and Scripting

How Do I Hide the Password in a Script

Hi, I am writing a UNIX .ksh script and need to send the login password of the login id that is executing the script to a command that I am executing in the script. I don't want that password to be seen by anyone except whoever is executing the script. Does anyone know how I can accomplish... (6 Replies)
Discussion started by: samd
6 Replies

6. Shell Programming and Scripting

Want to hide password

All, In my script I am calling another script.. in that script I need to enter a password. Problem is that everyone is able to see the password when I enter that. Is there any way that when i enter that password it should not display or may look like *******. Or if there any other way that I... (1 Reply)
Discussion started by: arpitk
1 Replies

7. Shell Programming and Scripting

How to hide user inputted text for interactive unix shell script?

Hi everybody, Do you know how to hide the text for interactive unix shell script? Just like the case for inputting password during logon. Patrick (1 Reply)
Discussion started by: patrickpang
1 Replies

8. Shell Programming and Scripting

How to hide password on Linux?

Hi falks, I have the following ksh code: echo "Enter VS Admin password:" oldstty=`stty -g` stty -echo intr '$-' read password stty $oldstty echo This code ask from a user to enter his password. The OS suppose to hide the entering of the... (2 Replies)
Discussion started by: nir_s
2 Replies

9. Programming

hide password typing

I am doing a project in C program which requires to type in password in Unix terminal. Does anybody know how to shade or not output any words typed by user in the terminal? I use the function scan() to read typing from user. Thanks in advance. (2 Replies)
Discussion started by: ivancheung
2 Replies

10. Shell Programming and Scripting

Hide code in shell script???

Hello, I am very new to Unix so I want to apologize in advance in case my question is stupid. I wrote a KORN script that I am planning to distribute to many users. This script contains sensitive information that the users should not see: user name and password to our database servers with... (11 Replies)
Discussion started by: alan
11 Replies
Login or Register to Ask a Question