Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I get a popup, enter my password and the text file is created containing a very long string of characters. If I need to use the password in a script I use this:
Your script or someone elses? You can redirect things to a script <<. And there's expect that can take care of repetitive interactions with scripts. And then there's public and private keys that can be used instead of passwords for some things.
It's my script. Can any of your suggestions encrypt a password to a file (as I indicated in the original post) and then use that file for authentication purposes when running a bash script? It doesn't matter what the script runs. When authentication is needed, the script should be able to use that file.
I do not really understand it. A script easily can be copied and modified, therefore that password checking can be skipped or the password can be stolen
I do not really understand it. A script easily can be copied and modified, therefore that password checking can be skipped or the password can be stolen
Agree. If I have a ready permission on the script, it wouldn't matter if the password it contains is encrypted or not - I can redo what the script is doing and provide the password is contains.
The point is not to have the password shown in plain text inside the script (or in any file for that matter). The script can run, as long as the password file is located next to the script.
This is not a production environment. There are no risks even if someone has the script and the password file. But when I'm writing/testing/troubleshooting the script, I don't want popups all the time asking me for passwords. But I also don't want to have the password in plain text. Neither in the script itself or anywhere else. So its kept encrypted in password.txt.
Yes if someone has the script and the file they can run the script successfully. But no damage will be done and they have no way of knowing the password.
Yes if someone has the script and the file they can run the script successfully. But no damage will be done and they have no way of knowing the password.
Fair enough. Fine. How exactly then is your password used?
You really can't "hide" a password in a script. What you need to do is to have some other form of authentication that will allow the host to recognize the script.
The script will connect on multiple ftp servers using lftp (local insecure servers working on port 21) to download/synchronize various files.
Again, security is of no concern. This is an old legacy environment which has been completely isolated because is no longer supported. Still, I don't want passwords to be visible in scripts.
You really can't "hide" a password in a script. What you need to do is to have some other form of authentication that will allow the host to recognize the script.
I find it hard to believe that there's something I can do in Windows, and I can't do it in Linux.
you need to explain your workflow. What will be stored in which file, where/how do you want to use that secured password? What should be protected?
Remember you do not use script in windows but a binary executable (but probably I missed something).
If you have a powershell script you may also try to post it and we will help you to convert it to unix/bash somehow.
If you have a powershell script you may also try to post it and we will help you to convert it to unix/bash somehow.
Exactly why I was interested to know how the password is being used. I can't imagine a powershell/cmd script which makes use of an "encrypted" string as a credential but will still be able to connect to an ftp server.
Its basically a simple bash script that is scheduled to run every 24 hours. It connects to multiple ftp servers and synchronizes the files it finds, locally. If you exclude all the variables its a single line that runs lftp with various switches/options.
Ideally, in the script, I want to replace the passwords of the ftp servers with a command or a variable that will read the passwords from an encrypted file. I didn't really want to make a big deal out of this, that's why I simply posted what I usually do with Powershell, and if it can be done with Linux.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.