Scripting help/advise on hiding/masking username/password

Code junkies hangout here

Moderators: ChrisThornett, LXF moderators

Scripting help/advise on hiding/masking username/password

Postby newbie01.linux » Mon Mar 15, 2010 6:15 am

Hi,

I currently have a UNIX script with a function that uses a username and password to connect to the database, retrieve some information and then exit.

At the moment, am getting the username and password from a hidden plain text file and permission set to -r--------, i.e. read only to who own the file.

The owner of the file is the same owner of the script. At the moment, am not too overly concern as the script works as it is but I want to know if anyone have a suggestion if there is any better way of achieving the same thing with some "form" of security, i.e., for example, masking the username/password.

Basically, I want to be able to mask or hide the username or password in some way. I've thought about encryting the password file, which is in plain text, using simple crypt command from which I retrieve the username and password but I need to decrypt it as well which is sort of similar to how it will be as it is now once it is decrypted.

Is there anyway that I can get a username and password in some gibberish format and then translating them into something usable which can be passed on the next command that requires the username/password.

Any advise or suggestion will be very much appreciated. Some kind of starting point to test with I supposed ...

Thanks in advance.
newbie01.linux
 
Posts: 1
Joined: Mon Mar 15, 2010 12:41 am

Postby nelz » Mon Mar 15, 2010 9:41 am

It's a script, so whatever method you use to hide the password will be in plain view. If you want the script to run automatically and you encrypt the password file, you would need to include the decrypt password somewhere in plain text.

Does the database server support any for of key-based authentication? It still uses files on the local filesystem but it somewhat more secure.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8524
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK


Return to Programming

Who is online

Users browsing this forum: No registered users and 0 guests