Visit Our UNIX and Linux User Community

Hiding Password

Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Hiding Password
# 1  
Old 04-06-2009
Hiding Password

Hello. A bit of a puzzle here:
I have a 3rd party executable, which requires the following parameters:
parm1 = program_name, parm2=userid/password, parm3=additional flags.
We tried passing password as a variable, but you can do grep, and see what the password actually is
I found a bit different approach, but cannot get it to work
In my script I have something like /mydir/exec prg_name "?" parm3
When I execute my script the "?" is interpreted into prompts: user id and password. How can I pass password without user involvement, and not make it visible via ps?

Your help is greatly appreciated
# 2  
Old 04-07-2009
Run it from a C program

pipe(), fork(), dup the read part of the pipe on to the child's stdin, exec() in child with the parameters you have, and then write the username and password to the child process's stdin via the pipe.

The username and password WILL be visible in the text of the program, so if you can make it executable but not readable except by root, something like mode 0511? It can be executed by others, but the file can't be read. (I tried this on my openbsd system, and w/ mode 0111, I could run it.)

You may have to figure out what to do with the child's stdout. There are other issues to investigate, possibly, like detaching from the terminal, perhaps, and maybe daemon()'izing it.

# 3  
Old 04-07-2009
Thank you.
The problem is when doing ps -augxww command
It shows actuall password being used. I have tried with "?" but that requires user input into prompts..
mysrv/ myprogram.ksh
mysrv/ Please Enter UserID:
At this point I type userID <hit enter>
mysrv/ Please Enter Password:
At this point I type password, but it is not visible <hit enter>
At this point my process is executed. In another window I issue ps command from above, and in the processes instead of userid/password I only see ?
So, how do I pass both (login/password) from the file?
I have tried mysrv/ myprogram.ksh < file.txt but only first parm (loginID) is taken and not the password

Last edited by Kishinevetz; 04-07-2009 at 03:21 PM.. Reason: better explanation

Previous Thread | Next Thread
Test Your Knowledge in Computers #174
Difficulty: Medium
The Apache 2 'Fancy indexing' directive shows the files plus the date the file was last modified, the size and the user who originally created the files.
True or False?

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Password hiding in UNIX

Hi guys, I use STTY command to make the password invisible. Now I need to write the password into another file pwd.txt, but in an invisible manner, something like ******. Another thing is to when I echo the content of pwd.txt I get the password I actually typed. Thanks guys. Help me out. (5 Replies)
Discussion started by: mohanalakshmi
5 Replies

2. Shell Programming and Scripting

Remote call not hiding password fields

Not sure on the description, but here is a quick rundown. I have 2 servers, we'll call them serverA serverB On serverB, I am calling a script that inside it has the following: ssh srvdsadm@serverB sudo -u dsadm /opt/apps/DataStage/scripts/ ${projName} ${subProjVar}... (1 Reply)
Discussion started by: cbo0485
1 Replies

3. Shell Programming and Scripting

Scripting help/advise on hiding/masking username/password

Hi, I currently have a UNIX script with a function that uses a username and password to connect to the database, retrieve some information and then exit. At the moment, am getting the username and password from a hidden plain text file and permission set to -r--------, i.e. read only to who... (1 Reply)
Discussion started by: newbie_01
1 Replies

4. Programming

C++ overriding Vs hiding

class B { public: void fns(void){//base def;} }; class D:public B { public: void fns(void) {//new def;} }; I was thinking the above is overriding but somewhere else i found the above is just hiding.Only virtual functions can be considered as overriding? This is the exact statement ... (1 Reply)
Discussion started by: johnbach
1 Replies

5. UNIX for Dummies Questions & Answers

New Approach Hiding login password from ps -ef

Hello all , I looked up this site for solutions to hide login info from ps -ef | grep like using a seperate file and store the password in that especially for oracle sqlplus scripts. I just got this thought , But dont know how to implement this in UNIX. Is there a way to revoke access from... (17 Replies)
Discussion started by: simonsimon
17 Replies

6. Shell Programming and Scripting

Hiding the Directory

Hi, I have a directory i want to just hide this directory. Could you please tell me the command to hide directory. (2 Replies)
Discussion started by: shivanete
2 Replies

7. Shell Programming and Scripting

Hiding password for FTP in a script

Hi, I have a simple script to ftp from unix to a mainframe to get and put files. Currently I have the password setup in a VARS file and dereference the var in my script. Doing it this way allws me to change the password in only one place but it is still viewable for many people. Is there any... (6 Replies)
Discussion started by: Cass3
6 Replies

8. UNIX for Dummies Questions & Answers

Hiding login/password in process!

Hello, I am trying to figure out away to hide a command from users when performing a ps check. I have a ksh that purges a table in a database. If I perform a >ps -eaf |grep ksh, I get the login id and password. I do not want other users seeing this. Is there a way to hide this. The login... (5 Replies)
Discussion started by: ctcuser
5 Replies

9. IP Networking

Hiding an IP address

Is there anyone who knows how to hide an IP from being logged by the site you are visiting. I know of some paid companies but I am looking for a different solution. Is there some way in UNIX to mask the ip. Help this is urgent. Datopdog (1 Reply)
Discussion started by: datopdog
1 Replies

10. Shell Programming and Scripting

Hiding password from ps

I'm calling a program with a command line arguement containing a password. while the process is running anyone on the system can ps -ef and see the password. Is there a way to prevent this from happening. example PROGRAM USERNAME/PASSWD I've also tried PROGRAM `cat passfile` ... (7 Replies)
Discussion started by: sudojo
7 Replies

Featured Tech Videos