All Sign in options. Enter a Email Address. Choose your interests Get the latest news, expert insights and market research, sent straight to your inbox. Newsletter Topics Select minimum 1 topic. Operating Systems. Abdul Qadir March 19, 0 Comments. Romeo Ninov Posted March 19, 0 Comments. Shakeer Posted March 19, 0 Comments.
Robert Weinmann Posted March 19, 0 Comments. Just makes the pipe a little simpler. Abdul Qadir Posted March 22, 0 Comments. Dear Experts, Hi thanks for your valuable advices. I test these on my test server and inform you about the result Regards,. Register or Login. Welcome back! Typically I can send this data as a e-mail attachment via what we term a "mail filter" using telnet.
I now would like to somehow encrypt the data and send it to a e-mail NEED expertise help for this topic!!! Question 1: Is encryption possible for the shell scriping programing?
Question2: built a simple program with the simplicity function that allow user change settings by enter corret name and RedHat Commands.
OpenSolaris Commands. Linux Commands. SunOS Commands. FreeBSD Commands. Full Man Repository. Advanced Search. Contact Us. Forum Rules.
Mark Forums Read. Thread Tools. View Public Profile for anthony You can secure this file to make it non-accessible for others. The tool can be found here. You can see the installation steps of this tool from here. Assuming your user and pass are stored in user.
In order to have more secure encryption you can try to use you own complex salt with -S "your complex string". However this might be sufficient for most uses. You might look at using an SSH tunnel.
You can setup the database to listen on a local port and allow a user to connect without a password on that port reject all connections other than You then use certificate authentication to connect to SSH, this is both harder to spoof and there are no hard coded passwords.
If this script is something that should operate on a cron job it can execute as a service account that runs with a nologin shell. What your worrying about at that point is SSH key management and there are many tools to assist with this. The only people locally who could get to the private key are users with root access and in that case, your encrypted password store isn't safe from them either. Another benefit is that the script can be placed under remote version control and the authentication is left to being an implementation detail, not something that can be extracted from the script should the code leak beyond the machine it's implemented on.
A few databases already support certificate auth Postgresql for instance , but using SSH tunnel would work for any database that has a command line client. I had a similar problem wanting to have a simple, yet secure solution to store encrypted secrets in shell scripts.
The best solution I came up with was to store the encrypted passwords in the home directory of my user and then read them into my scripts. The root user on a machine could potentially access the secrets, but otherwise they were safe. This has the nice benefit of allowing you to distribute or store the script in a code repository without having to expose your credentials.
You can download the shell script, encpass. Essentially what it does is create an AES bit key for each script or user-defined bucket and then encrypts any secrets for that script in a hidden folder under your home directory that only your user can access. When the keys are not in use it also provides a lock command to encrypt the keys themselves with a password. Pasted below is the lite version of the code, but you can download the full version over on github.
It has an MIT License, so you can use and distribute it in commercial settings.
0コメント