[cisco-voip] OT: storing passwords securely in unix scripts
Lelio Fulgenzi
lelio at uoguelph.ca
Fri Mar 2 18:07:18 EST 2012
honestly, i never thought that far ahead. i was hoping i could write the script and then somehow convert it to a binary or encrypted file itself so you couldn't read it, but you could still execute it .
---
Lelio Fulgenzi, B.A.
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (ANNU)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Cooking with unix is easy. You just sed it and forget it.
- LFJ (with apologies to Mr. Popeil)
----- Original Message -----
From: "Matthew Loraditch" <MLoraditch at heliontechnologies.com>
To: "Lelio Fulgenzi" <lelio at uoguelph.ca>, "cisco-voip" <cisco-voip at puck.nether.net>
Sent: Friday, March 2, 2012 5:45:27 PM
Subject: RE: [cisco-voip] OT: storing passwords securely in unix scripts
I may be thinking about this wrong, but if they aren't in plain text how is your script going to be able to use them? As far as I know you'd have to supply them back to the device in plain text which means they'd need to be some sort of decryptable encryption anyway which just puts you into security by obscurity mode. That may be enough for you but seems redundant to me and an extra step if the file the script is using is properly secured file permission wise.
Matthew G. Loraditch - CCVP, CCNA, CCDA
1965 Greenspring Drive
Timonium, MD 21093
voice. 410.252.8830
fax. 410.252.9284
Twitter | Facebook | Website | Email Support
From: cisco-voip-bounces at puck.nether.net [cisco-voip-bounces at puck.nether.net] on behalf of Lelio Fulgenzi [lelio at uoguelph.ca]
Sent: Friday, March 02, 2012 5:09 PM
To: cisco-voip
Subject: [cisco-voip] OT: storing passwords securely in unix scripts
this group is a smart bunch of cookies. anyone have any idea how to securely store passwords on unix/linux so that i can run scripts that require passwords?
until Cisco builds SSH key pair recognition (or is it there already? ;), this seems like the only option.
i don't want to be storing passwords in plain text regardless of how secure the directory might be. or at least avoid it if at all possible.
thoughts?
---
Lelio Fulgenzi, B.A.
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1
(519) 824-4120 x56354 (519) 767-1060 FAX (ANNU)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Cooking with unix is easy. You just sed it and forget it.
- LFJ (with apologies to Mr. Popeil)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20120302/3424b53b/attachment.html>
More information about the cisco-voip
mailing list