openssl: using a protected password in a script
Hi All,
I have a bash script that will unencrypt a file, use the unencrypted file for a very short time and then delete the unencrypted file. The problem is that my password is in clear text Code:
openssl des3 -d -salt \ I know that the openssl can protect passwords, e.g.: openssl passwd -crypt "password" But can I use this protected password in my script? Any advice would be most appreciated! |
Worse than it being in the script it is also going to show up in a ps aux... using file: pathtofile is better, but still the same base problem of storing an unencrypted password. There is no way around that as far as I know and still having it completely automated... make minimum necessary permissions, put it as a .file in the home directory of the user calling it, etc.
|
...and besides the unencrypted file will be available for reading from file or memory anyway as a result of all of this "protecting".
|
OK, all good points - thank rweaver and unSpawn.
I changed the process (painful but I am the main user anyway) so that we read the password each time. |
All times are GMT -5. The time now is 06:07 PM. |