This is the mail archive of the cygwin mailing list for the Cygwin project.


Re: encoding scripts (so that user can't see passwords easily)?

Tomasz Chmielewski wrote:

> That's exactly what I mean (they are already readable by SYSTEM and
> admins only).
> If the disk is stolen, it would add some extra time before the password
> is compromised.
> Someone gave a clue here:
> "instead of storing them plaintext, why don't you try encoding them via
> cryptographic hashes - md5, sha1, tiger and the like."
> But I don't really know where to start (which tool should I use for it?)

Let's step back a minute.

If your script is storing passwords so that it can *supply* them to
windows, then you can't store hashes.  That only works if your script
accepts passwords itself and then verifies them *itself* against the
stored hashes.

Now, assuming you need to store passwords in plaintext:

Without some sort of external storage, there is absolutely nothing you
can do to prevent someone that stole the drive from being able to read
the plaintext passwords.  You can encrypt them up the wazoo, it doesn't
matter.  To encrypt you have to use a key of some kind, and unless you
store that key in a location off of the hard drive, then all the
attacker has to do is take the key and use it to decrypt.  
Put another way, the attacker can do whatever the PC does to access the
passwords.  So if the PC can access the passwords without data from
elsewhere, so can the thief.

So, unless you're planning on setting up something where a passphrase
not stored on the disk is entered on the keyboard, retrieved from a
floppy, etc. then you're wasting your time.

If you just want to encrypt to say that you've encrypted, then there are
tons of utilities to do this.  Try "man openssl" or "man enc" for
starters.  But again, if you store the encrypted file along with
the key on the disk then you've accomplished absolutely nothing from a
security standpoint.  (This is assuming you use a key without a
passphrase.  But if you do that you are essentially no longer storing
the key on the disk, since it will require some keyboard input to
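The two cases the reply distinguishes, as an added example that is not part of the original thread and not the poster's code: in "verify" mode the script stores only a salted PBKDF2 digest and checks a typed password against it, so nothing on disk yields the password; in "supply" mode the script has to get plaintext back, and the example lays out both on-disk designs the reply contrasts: a key file stored next to the ciphertext, and a key derived from a passphrase that is only ever typed at runtime. The `unlock` function models what can be reconstructed from the disk contents plus whatever is entered at the keyboard. The HMAC-SHA256 counter-mode stream cipher is a hypothetical stand-in for a real tool such as `openssl enc`, chosen only so the block has no dependencies; all file names and values are constructed for the example.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

ITERATIONS = 100_000  # PBKDF2 work factor; constructed value for the example

# --- Mode A: the script only VERIFIES a typed password -> store salted hashes ---

def make_verifier(password: str) -> dict:
    """Record written to disk: a random salt and a PBKDF2-SHA256 digest.
    The password itself never touches the disk."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "digest": digest}

def verify(record: dict, candidate: str) -> bool:
    """Recompute the digest for the candidate and compare in constant time."""
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode(), record["salt"], ITERATIONS)
    return hmac.compare_digest(digest, record["digest"])

# --- Mode B: the script must SUPPLY the password -> plaintext must be recoverable ---

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Illustrative stream cipher: HMAC-SHA256 over nonce||counter, XORed into the data.
    # Stand-in for a real cipher (e.g. `openssl enc`); the storage argument is the same.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, plaintext: bytes) -> Tuple[bytes, bytes]:
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce, ct

def decrypt(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(ciphertext, _keystream(key, nonce, len(ciphertext))))

def passphrase_key(passphrase: str, salt: bytes) -> bytes:
    """Derive the cipher key from something typed at the keyboard, not stored."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=32)

def store_for_supply(password: str, passphrase: Optional[str] = None) -> dict:
    """Everything written to disk (constructed file names).
    Without a passphrase: a random key file sits next to the ciphertext, the design
    the reply says accomplishes nothing. With a passphrase: only a salt is stored."""
    nonce_salt = secrets.token_bytes(16)
    if passphrase is None:
        key = secrets.token_bytes(32)
        nonce, ct = encrypt(key, password.encode())
        return {"key.bin": key, "nonce": nonce, "passwords.enc": ct}
    key = passphrase_key(passphrase, nonce_salt)
    nonce, ct = encrypt(key, password.encode())
    return {"salt": nonce_salt, "nonce": nonce, "passwords.enc": ct}

def unlock(disk: dict, passphrase: Optional[str] = None) -> Optional[bytes]:
    """What the script, or anyone holding a copy of the disk, can reconstruct from
    the on-disk material plus what is typed at runtime. None means the disk alone
    is not enough."""
    if "key.bin" in disk:
        # Key and ciphertext on the same disk: the disk by itself is sufficient.
        return decrypt(disk["key.bin"], disk["nonce"], disk["passwords.enc"])
    if passphrase is None:
        return None
    key = passphrase_key(passphrase, disk["salt"])
    return decrypt(key, disk["nonce"], disk["passwords.enc"])

if __name__ == "__main__":
    rec = make_verifier("hunter2")
    print("verify mode, correct password:", verify(rec, "hunter2"))
    print("key file on disk, disk alone yields:", unlock(store_for_supply("hunter2")))
    d = store_for_supply("hunter2", passphrase="typed at boot")
    print("passphrase design, disk alone yields:", unlock(d))
    print("passphrase design, with passphrase:", unlock(d, "typed at boot"))
```

The split the reply draws falls out directly: `verify` never needs the password back, so a digest is enough; `unlock` with `key.bin` present returns the plaintext from the disk contents alone, while the passphrase layout returns nothing until the passphrase is supplied from outside the disk.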

