crypt() perl function to encrypt Password in shell scripts or How Encrypt passwords ?
Hi All,
I Have shell script like this Code:
#!/usr/bin/expect I have tried using crypt() .. but i am not able to understand how to use that .. Can any one help me in giving some sample example to encrypt password in shell script please. Regards Bala |
That is not possible, you will have to decrypt the password with in the script anyway. why don't you use ssh keys if you want to secure your password.
You can use keys and set the remote side to only allow that login to execute specific commands. |
Hi,
I have tried using SSH keys but its not working for me .. its again and again prompting me to enter password. Infact i have tried a lot to debug also for SSH keys no LUCK !!. Is there any other way to encrypt Hardcoded passwords in shell scripts ? Regards Bala Quote:
|
What distros are you using on the client and server side ? It is usually a permissions problem which causes the key to be rejected.
|
Hi,
I am not able to understand this distros Regards Quote:
|
Quote:
|
XXXXXXXXXXXX/apps12i]cat /etc/redhat-release
Red Hat Enterprise Linux AS release 4 (Nahant Update 7) Regards Quote:
|
Did you read the instructions for configuring public key authentication for ssh in the sshd_config file?
Code:
# Set this to 'yes' to enable PAM authentication, account processing, If you have a script or config file that contains a password, you need to take care who has read access to the file. Also if a script contains a password, check if the environment for its process is readible (if it is contained in a variable). A command that takes a password often deletes or blanks out the password argument from the commands argument list as soon as it's read in by the program. |
Try
Code:
restorecon -r ~/.ssh |
I am accessing both the test servers from Putty session .. i have closed the session to restart my session freshly .. i am not able to connect now .. i have to change the config again in sshd_config file .
Normally we access servers though putty only on my machine .. it should prompt for password but it is not ? I appreciate your response very much .. thank you. this requirement is only for ssh .. but i have written lots shell scripts to run my oracle scripts to connect to database , Even there also i have hard coded my password .. i would like to encrypt can this be done ? Regards Bala Quote:
|
No it cannot be done the remote side does not accept an encrypted password. The best option is to get your keys working.
|
If you load your private key in the putty keygen program, an openssh style public key is printed near the top of the dialog. However, if I had to use a windows client, I would install cygwin and use cygwin's ssh client.
Running "ssh -vv" will print out debug information. Also check the logs on the server. They may indicate a problem such as permissions. The permissions of the user's home directory may cause a failure as well. I had a situation where I used a "AllowUsers" entry using user@host which failed, but user@host.domain worked. It was the reverse DNS lookup phase that caused the the authentication failure. |
Hi,
Same issue ssobtest3.koel.co.in/apps12i]ssh -v oracle@ssobtest1 OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to ssobtest1 [10.1.1.71] port 22. debug1: Connection established. debug1: identity file /apps12i/.ssh/identity type -1 debug1: identity file /apps12i/.ssh/id_rsa type -1 debug1: identity file /apps12i/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1 debug1: match: OpenSSH_3.9p1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.9p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'ssobtest1' is known and matches the RSA host key. debug1: Found key in /apps12i/.ssh/known_hosts:4 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-with-mic debug1: Next authentication method: gssapi-with-mic debug1: Authentications that can continue: publickey,gssapi-with-mic debug1: Authentications that can continue: publickey,gssapi-with-mic debug1: Next authentication method: publickey debug1: Trying private key: /apps12i/.ssh/identity debug1: Trying private key: /apps12i/.ssh/id_rsa debug1: Trying private key: /apps12i/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey,gssapi-with-mic). Regards Bala Quote:
|
What do the logs on the server say.
Could you post your sshd_config file (on the server)? By the way, after installing a new distro and setting up ssh, I will ssh in using username/password and keep that session open. I will test it from another terminal session. that way I can reverse any changes. |
All times are GMT -5. The time now is 03:04 AM. |