Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Password

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Password
# 1  
Old 02-06-2009
CPU & Memory Password
Hi guys... there is one small and interesting quiesion with me
Most of us will write many codes using shell script, Is there any way to protect it by password.
I mean to say if i write a code in a file called avi.sh, And iwill give it my friend. Is it possible to make avi.sh file in such a way that my friend can run the script but he canot open and see what is the stuff inside avi.sh.

whether we can give password directly to scripts or put it in tar filse and then assign password or what ever i dont know.... Smilie

Let me tel you one thing, The above is not my assignment or my requirement nor urgent. But above is the question which is killing my mind from long time.

Any solution will be appreciated.Smilie
Thanks, Regards
Avinash
# 2  
Old 02-06-2009
If these scripts all run in BASH, and you have openssl, this will work at some efficiency cost:

Code:
#!/bin/sh

# crypt-script.sh -- reads raw script in stdin, produces encrypted one
# on stdout.

cat <<'EOF'
#!/bin/sh
(openssl enc -d -base64 -a              |
        openssl enc -d -aes-256-cbc -a  |
        (
                read FIRSTLINE
                if [[ "${FIRSTLINE}" == "CRYPT" ]]
                then
                        bash
                else
                        echo "Bad password, or corrupted data" >&2
                fi
        )       ) <<'EOF'
EOF

(echo CRYPT ; cat ) | openssl enc -aes-256-cbc -a | openssl enc -base64 -a

echo EOF

exit 0

Also here is the example script tocrypt.sh:
Code:
# Stupid example.  Very stupid example.
for ((N=0; N<10; N++))
do
        echo "HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA"
done

With both of these made, and crypt-script.sh set executable:
Code:
$ ./crypt-script.sh < tocrypt.sh > newcrypt.sh
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
$ chmod +x ./newcrypt.sh
$ ./newcrypt.sh
enter aes-256-cbc decryption password:
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
HEY GUYS ALJ AF MY FACE IS A ROTTORN BANANANA
$

The autogenerated code in newcrypt.sh is this:
Code:
#!/bin/sh
(openssl enc -d -base64 -a              |
        openssl enc -d -aes-256-cbc -a  |
        (
                read FIRSTLINE
                if [[ "${FIRSTLINE}" == "CRYPT" ]]
                then
                        bash
                else
                        echo "Bad password, or corrupted data" >&2
                fi
        )       ) <<'EOF'
VTJGc2RHVmtYMTlEVVlUSlo4ckRaWDVYZ0J2eUY3bU8vOC9RZ0JmV1M3NEhjUmlD
VjRUdHNTUmVBNW14dlZqMApWTEk5RkI0Y3hIRmRtL29WRHF5aTFWMVViMXNUT3Rw
Yk5kU1NaQ2t4WmtxV3FrZlZCS0w0QXhGQTlJYlg2ZTRaCks2Tnp5ejd2UFN4WmdL
NkJLRXJvMUE9PQo=
EOF

Its password is 'omgwtfbbq'.
# 3  
Old 02-07-2009
hmmm...

not sure sure if your friend has root access but a simple (no password) trick if he/she does not have root access is this:

your user -> avi.skynet
your friend -> avi.friend

chown avi.skynet:avi.skynet avi.sh
chmod 711 avi.sh

now when avi.friend runs vi/cat/nano avi.sh he/she will get a permission denied


NOTE:
This will not work if:

A. He is a user that has root access
B. You are giving the script to him to copy to his/her own computer (Windows or Linux)

If you are just placing in a shared location on the same computer for him/her to execute, and he/she is not an admin/root user this will work.
Last edited by ddreggors; 02-07-2009 at 03:29 AM..
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies

2. Shell Programming and Scripting

SFTP prompting for password even though password is in script

Hi All, I am trying to transfer a file from one server to a remote server using SFTP. Client is not ready for key setup. I am working on Solaris 10. Here is the code. #!/bin/ksh # sample automatic Sftp script to dump a file USER="user1" PASSWORD="pass1" HOST="host1" sftp $USER@$HOST... (6 Replies)
Discussion started by: megha2525
6 Replies

3. UNIX for Dummies Questions & Answers

password protect a CSV file: better solution than ZIP password?

Hi We send *.csv with sensitive data to our customers. Our customers open those files with Excel. A new requirement is that we password protect those CSV files. I thought to pack them with ZIP and assign a password to the archive. But Solaris 10 can't encrypt ZIP files. $ zip -P... (12 Replies)
Discussion started by: slashdotweenie
12 Replies

4. Shell Programming and Scripting

Encrypt password but use * when typing password

Hi, I came across the following script for encrypting the password in this forum #! /usr/bin/ksh exec 4>/dev/tty function getpass { typeset prompt=$1 typeset backspace=$(echo \\b\\c) typeset enter=$(echo \\r\\c) typeset savesetting=$(stty -g) ... (9 Replies)
Discussion started by: dbashyam
9 Replies

5. OS X (Apple)

OSX asks password but i don't use a password!!

When i try to install some software OSX asks for a password but i don't use a password at all. Somebody knows a answer please??? asta (4 Replies)
Discussion started by: astapopulos
4 Replies

6. Solaris

SSH Password-less login fails on password expiry.

Hi Gurus I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails. Resetting my password reenables the keys. Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies

7. Shell Programming and Scripting

how to change root password using shell script with standard password

Hi Friends. I am new to scripting now i want to change the root password using the script with standard password. which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Discussion started by: kurva
2 Replies

8. UNIX for Advanced & Expert Users

password verification verify password of a user for only first 8 characters

Helo , I m using linux pam library for user and its password authentication. I m creating new user and giving its password.I m giving password of 10 characters.now when I login in as that newly created user its ask me $ su - ram Password: You are required to change your password immediately... (12 Replies)
Discussion started by: amitpansuria
12 Replies

9. UNIX for Dummies Questions & Answers

Change password by pushing encrypted password to systems

I'm tasked to change a user's password on multiple Linux systems (RH v3). I though copying the encrypted password from one Linux /etc/shadow file to another would work but I was wrong. The long term solution is to establish an openLDAP Directory service, but for now I'm stuck with a manual... (1 Reply)
Discussion started by: benq70
1 Replies
Login or Register to Ask a Question