This is the mail archive of the
mailing list for the Cygwin project.
Re: encoding scripts (so that user can't see passwords easily)?
On Tue, 6 Dec 2005, Tomasz Chmielewski wrote:
> Wayne Willcox schrieb:
> > On Tue, Dec 06, 2005 at 02:58:15PM -0500, Jim Drash wrote:
> > > Don't put the user names or passwords in the script put them in a file
> > > only readable by SYSTEM
> > that would not solve the requirement of protecting the passwords
> > if the disk was stolen. The scripts are supposedly already
> > readable by system and admin only.
> That's exactly what I mean (they are already readable by SYSTEM and admins
> If the disk is stolen, it would add some extra time before the password is
> Someone gave a clue here:
> "instead of storing them plaintext, why don't you try encoding them via
> cryptographic hashes - md5, sha1, tiger and the like."
> But I don't really know where to start (which tool should I use for it?)
Umm, "crypt"? As in
echo -n "Enter your password: "; stty -echo; read password; stty echo
if [ x"`crypt 42 "$password"`" = x"$stored_password" ]; then
echo "Access granted"
echo "Invalid password"
(the '42' above is the "salt" -- see "man crypt").
|\ _,,,---,,_ email@example.com
ZZZzz /,`.-'`' -. ;-;;,_ firstname.lastname@example.org
|,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D.
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
If there's any real truth it's that the entire multidimensional infinity
of the Universe is almost certainly being run by a bunch of maniacs. /DA
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html