Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Hide/encrypt password in bash file to stop accidentally seeing it

Sorry if this has been asked before, I did check but couldn't find anything...

Is there a function in Unix to encrypt and decrypt a password in a batch file so that I can pipe it into some other commands in a bash file?

I realise that doing this provides no real security, it is more to stop someone accidentally seeing the password if they are looking at the script over my shoulder :)

I'm running on Red Hat 5.3.

I have a script which does something similar to this:

serverControl.sh -u admin -p myPassword -c shutdown 

and I would like to do something like this:

password = decrypt("fgsfkageaivgea", "aDecryptionKey") serverControl.sh -u admin -p $password -c shutdown 

This doesn't protect the password in any way, but does stop someone from accidentally seeing it over my shoulder.

like image 292
Rich Avatar asked Jul 23 '10 14:07

Rich


1 Answers

OpenSSL provides a passwd command that can encrypt but doesn't decrypt as it only does hashes. You could also download something like aesutil so you can use a capable and well-known symmetric encryption routine.

For example:

#!/bin/sh     # using aesutil SALT=$(mkrand 15) # mkrand generates a 15-character random passwd MYENCPASS="i/b9pkcpQAPy7BzH2JlqHVoJc2mNTBM=" # echo "passwd" | aes -e -b -B -p $SALT  MYPASS=$(echo "$MYENCPASS" | aes -d -b -p $SALT)  # and usage serverControl.sh -u admin -p $MYPASS -c shutdown 
like image 106
Kaleb Pederson Avatar answered Oct 03 '22 19:10

Kaleb Pederson