<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Verdana; font-size: 10pt; color: #000000'>i'd settle for a nebulous .exe file.<br><br>i'm searching for compilers of scripts to see what i get. i shudder at the thought of writing something in C--.<br><span><br><span name="x"></span>---<br>Lelio Fulgenzi, B.A.<br>Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>(519) 824-4120 x56354 (519) 767-1060 FAX (ANNU)<br>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>Cooking with unix is easy. You just sed it and forget it. <br> - LFJ (with apologies to Mr. Popeil)<br><span name="x"></span><br></span><br><hr id="zwchr"><b>From: </b>"Erick" <ewellnitzvoip@gmail.com><br><b>To: </b>"Matthew Loraditch" <MLoraditch@heliontechnologies.com><br><b>Cc: </b>"Lelio Fulgenzi" <lelio@uoguelph.ca>, "cisco-voip" <cisco-voip@puck.nether.net><br><b>Sent: </b>Friday, March 2, 2012 6:05:04 PM<br><b>Subject: </b>Re: [cisco-voip] OT: storing passwords securely in unix scripts<br><br><div>It depends.</div><div><br></div><div>Basic CUCM user/password combos are in a base 64 encoding so you could store that somewhere but I'm not sure how secure that would be.</div><div><br></div><div>You could also look into encryption algorithms where your script could decode the stored value.</div><div><br></div><div>Problem with either one lies in the fact anyone with access to your code could easily figure out the user/password combination. That is the downfall of scripts instead of a language which compiles a nebulous .exe<br><br>On Mar 2, 2012, at 4:45 PM, Matthew Loraditch <<a href="mailto:MLoraditch@heliontechnologies.com" target="_blank">MLoraditch@heliontechnologies.com</a>> wrote:<br><br></div><div></div><blockquote><div>
<div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;">
<p>I may be thinking about this wrong, but if they aren't in plain text how is your script going to be able to use them? As far as I know you'd have to supply them back to the device in plain text which means they'd need to be some sort of decryptable encryption
anyway which just puts you into security by obscurity mode. That may be enough for you but seems redundant to me and an extra step if the file the script is using is properly secured file permission wise.</p>
<div>
<p> </p>
<div style="FONT-FAMILY: Tahoma; FONT-SIZE: 13px">
<div><font face="Tahoma" size="2"><span style="FONT-FAMILY: 'Calibri','sans-serif'; COLOR: #244061; FONT-SIZE: 11pt">
<p style="MARGIN: 0in 0in 0pt" class="MsoNormal"><span><font color="#000000">Matthew G. Loraditch - CCVP, CCNA, CCDA<br>
</font></span><span style="FONT-FAMILY: 'Arial','sans-serif'; FONT-SIZE: 9pt"><br>
<font color="#000000">1965 Greenspring Drive</font></span><span><br>
</span><span style="FONT-FAMILY: 'Arial','sans-serif'; FONT-SIZE: 9pt"><font color="#000000">Timonium, MD 21093</font></span><span><br>
</span><span style="FONT-FAMILY: 'Arial','sans-serif'; FONT-SIZE: 9pt"><br>
<font color="#000000">voice. 410.252.8830<br>
fax. 410.252.9284 <br>
<br>
</font><a href="http://twitter.com/heliontech" target="_blank"><span style="COLOR: blue">Twitter</span></a><font color="#000000"> |
</font><a href="http://www.facebook.com/#%21/pages/Helion/252157915296" target="_blank"><span style="COLOR: blue">Facebook</span></a><font color="#000000"> |
</font><a href="http://www.heliontechnologies.com/" target="_blank"><span style="COLOR: blue">Website</span></a><font color="#000000"> |
</font><a href="mailto:support@heliontechnologies.com?subject=Technical%20Support%20Request" target="_blank"><span style="COLOR: blue">Email Support</span></a></span><span style="FONT-FAMILY: 'Arial','sans-serif'"></span></p>
</span></font></div>
</div>
</div>
<div style="FONT-FAMILY: Times New Roman; COLOR: #000000; FONT-SIZE: 16px">
<hr>
<div style="DIRECTION: ltr" id="divRpF150645"><font color="#000000" face="Tahoma" size="2"><b>From:</b> <a href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a> [<a href="mailto:cisco-voip-bounces@puck.nether.net" target="_blank">cisco-voip-bounces@puck.nether.net</a>] on behalf of Lelio Fulgenzi [<a href="mailto:lelio@uoguelph.ca" target="_blank">lelio@uoguelph.ca</a>]<br>
<b>Sent:</b> Friday, March 02, 2012 5:09 PM<br>
<b>To:</b> cisco-voip<br>
<b>Subject:</b> [cisco-voip] OT: storing passwords securely in unix scripts<br>
</font><br>
</div>
<div></div>
<div>
<div style="FONT-FAMILY: Verdana; COLOR: #000000; FONT-SIZE: 10pt">this group is a smart bunch of cookies. anyone have any idea how to securely store passwords on unix/linux so that
<span>i can run scripts that require passwords?<br>
<br>
until Cisco builds SSH key pair recognition (or is it there already? ;), this seems like the only option.<br>
<br>
i don't want to be storing passwords in plain text regardless of how secure the directory might be. or at least avoid it if at all possible.<br>
<br>
thoughts?<br>
<br>
<span></span>---<br>
Lelio Fulgenzi, B.A.<br>
Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>
(519) 824-4120 x56354 (519) 767-1060 FAX (ANNU)<br>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>
Cooking with unix is easy. You just sed it and forget it. <br>
- LFJ (with apologies to Mr. Popeil)<br>
<span></span><br>
</span><span>_______________________________________________</span><br></div>
</div>
</div>
</div><span>cisco-voip mailing list</span><br><span><a href="mailto:cisco-voip@puck.nether.net" target="_blank">cisco-voip@puck.nether.net</a></span><br><span><a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a></span><br></div></blockquote></div></body></html>