This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: encoding scripts (so that user can't see passwords easily)?

On Tue, 6 Dec 2005, Tomasz Chmielewski wrote:

> Wayne Willcox schrieb:
> > On Tue, Dec 06, 2005 at 02:58:15PM -0500, Jim Drash wrote:
> >
> > > Don't put the user names or passwords in the script put them in a file
> > > only readable by SYSTEM
> > that would not solve the requirement of protecting the passwords
> > if the disk was stolen.  The scripts are supposedly already
> > readable by system and admin only.
> >
> That's exactly what I mean (they are already readable by SYSTEM and admins
> only).
> If the disk is stolen, it would add some extra time before the password is
> compromised.
> Someone gave a clue here:
> "instead of storing them plaintext, why don't you try encoding them via
> cryptographic hashes - md5, sha1, tiger and the like."
> But I don't really know where to start (which tool should I use for it?)

Umm, "crypt"?  As in

echo -n "Enter your password: "; stty -echo; read password; stty echo
if [ x"`crypt 42 "$password"`" = x"$stored_password" ]; then
  echo "Access granted"
  echo "Invalid password"

(the '42' above is the "salt" -- see "man crypt").
      |\      _,,,---,,_
ZZZzz /,`.-'`'    -.  ;-;;,_
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

If there's any real truth it's that the entire multidimensional infinity
of the Universe is almost certainly being run by a bunch of maniacs. /DA

Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]