Unix/Linux Go Back    

Solaris The Solaris Operating System, usually known simply as Solaris, is a Unix-based operating system introduced by Sun Microsystems. The Solaris OS is now owned by Oracle.

Encrypt a hardcoded passwd


Thread Tools Search this Thread Display Modes
Old Unix and Linux 03-10-2013
q8devilish q8devilish is offline
Registered User
Join Date: Jun 2009
Last Activity: 23 March 2014, 5:38 AM EDT
Location: Kuwait
Posts: 31
Thanks: 4
Thanked 0 Times in 0 Posts
Encrypt a hardcoded passwd

hey guys,
is there a way to encrypt a hard coded passwd inside a shell script basically this is my script and i was to encrypt or hide the ftp password.


cd /tmp/ftptest
grep -c "{0000000#END#\>" * > NO_OF_CARDS
quote USER $USER
prompt off
cd /tmp/ftptest
mput *
exit 0

And i can’t let the password popup as this script was intended to be automation for a file transfer.
Sponsored Links
Old Unix and Linux 03-10-2013
bakunin bakunin is offline Forum Staff  
Bughunter Extraordinaire
Join Date: May 2005
Last Activity: 22 October 2017, 8:09 PM EDT
Location: In the leftmost byte of /dev/kmem
Posts: 5,614
Thanks: 106
Thanked 1,598 Times in 1,176 Posts
Even if you encrypt the password somehow you would have to provide a mechanism available to the script to decrypt it, so you gain nothing. It is a fact that "ftp" uses clear-text passwords and this intrinsic insecurity cannot be changed or alleviated in any way. As the password is sent clear-text over the net in the login process every interested party can sniff it from there too. There is no way to prevent this. (Btw., the same is true for "telnet" and the other classical means of connecting from one system to the other.)

The only way is to use a securified means of communication: ssh/scp to be precise. In this case the password gets transmitted in an encrypted form, so sniffing is ruled out. You can also set up a "chain of trust" between two user/host-combinations so that userA from hostA can connect as userB to hostB without using a password (so you don't have to state one in your script) but using an exchanged secret both involved parties know. The basic procedure is to connect once, identified by the password and then to store the other hosts secret to a config file so that further connections do not need a password any more.

We have several threads dealing with the setup of such a mechanism, so i suggest you do a forum search for "scp" and/or "ssh" installation.

I hope this helps.

Sponsored Links

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Linux More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
When did AIX start using /etc/security/passwd instead of /etc/passwd to store encrypted passwords? Anne Neville AIX 1 03-09-2012 08:05 PM
Issue with use of Configuration file instead of hardcoded values inside the script irudayaraj UNIX for Dummies Questions & Answers 3 07-29-2011 08:00 AM
passwd cmd reenables passwd aging in shadow entry BG_JrAdmin Solaris 3 01-04-2011 03:28 PM
how to enter hardcoded password automatically abhi_n123 UNIX for Dummies Questions & Answers 4 07-01-2010 10:47 AM
connection string is hardcoded prakash.gr Shell Programming and Scripting 3 06-29-2009 02:26 AM

All times are GMT -4. The time now is 11:08 AM.