July 8, 2008 08:01pm pdt

1. gheist 7,190
2. TeRReF 4,000
3. ravenpl 3,200
4. mr_egyptian 2,000
4. louisbohm 2,000
4. Arthur_Mino 2,000
4. gbougiakas 2,000
4. riotz 2,000
4. sda100 2,000
4. KCTS 2,000
4. gnurl 2,000
4. tprpics 2,000
13. Dhaest 1,500
13. michal_sjx 1,500
13. Psychotec 1,500
13. mwecompu... 1,500

1. ahoffmann 58,928
2. gheist 35,529
3. yuzh 34,747
4. Tintin 26,923
5. ravenpl 17,555
6. jlevie 17,456
7. chris_ca... 14,021
8. wesly_chen 8,820
9. ppfoong 8,019
10. liddler 7,400
11. PsiCop 4,792
12. amit_g 4,750
13. TeRReF 4,600
14. zgrp 3,000
14. sparks1984 3,000

12.05.2004 at 11:09AM PST, ID: 21231038

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

6.2

How to encrypt and decrypt password in UNIX

Zone: Unix Network Security Questions

Tags: password, unix, decrypt, encrypt

I am not a unix developer but I need to do something in UNIX.
Can anyone please tell me how can I write a script to accept Password from the command line,then encrypt the password and store it into a file.I will aslo need to retrive the password from the encrypted file,decrypt it and put it in a variable which I will pass as a parameter to another script?.
Please help......

Start your free trial to view this solution

Question Stats

Zone: Security

Question Asked By: Abi78

Solution Provided By: Tintin

Participating Experts: 5

Solution Grade: A

Translate:

Loading Advertisement...

Microsoft

Internet Protocols
Applications

Development
OS

Hardware
Windows Security

Apple

Operating Systems
Hardware

Programming
Networking

Software

Internet

Search Engines
File Sharing
WebTrends / Stats
Spy / Ad Blockers

Web Browsers
New Net Users
Web Development
Chat / IM

Anti Spam
Web Servers
Anti-Virus
Email Clients

Gamers

Tips
Online / MMORPG
Puzzle
Emulators

Action / Adventure
Role Playing
Consoles
Game Programming

Strategy
Sports
Misc
Computer Games

Digital Living

Hardware
New Net Users
New Users

Software
Digital Music
Gaming World

Home Security
Apple
Networking Hardware

Virus & Spyware

Vulnerabilities
IDS
Encryption
Anti-Virus

Operating Systems Security
Software Firewalls
WebApplications
Cell Phones

Operating Systems
Internet
Hardware Firewalls

Hardware

Handhelds / PDAs
Displays / Monitors
Components
Networking Hardware

Peripherals
Laptops/Notebooks
Storage
Servers

Desktops
New Users
Misc
Apple

Software

System Utilities
Industry Specific
Network Management
Photos / Graphics
Page Layout
VMWare
Misc
Web Development

OS
CYGWIN
Voice Recognition
Message Queue
Quality Assurance
Security
Firewalls
MultiMedia Applications

Development
Database
Office / Productivity
Business Management
OS/2 Apps
Server Software
Internet / Email

ITPro

OS
Storage
Encryption
Operating Systems Security
Apple Hardware
Laptops & Notebooks
Servers
Networking Hardware
Peripherals

Devices
Displays / Monitors
WebTrends / Stats
Search Engines
Firewalls
WebApplications
IDS
Vulnerabilities
Email Clients

File Sharing
Spy / Ad Blockers
Web Browsers
Web Servers
Networking
Anti-Virus
Chat / IM
Anti Spam

Developer

Web Servers
Web Browsers
Game Programming
Dev Tools
Industry Specific
Office / Productivity

Database
CYGWIN
Web Development
Search Engines
File Sharing
WebTrends / Stats

Programming
Content Management
Application Servers
Protocols

Storage

Removable Backup Media
Storage Technology
Servers

Grid
Remote Access
Backup / Restore

Misc
Hard Drives

Miscellaneous
Security
Development
Linux
VMWare

MainFrame OS
Unix
Apple
OS / 2
AS / 400

BeOS
Microsoft
VMS / OpenVMS

Database

Oracle
Miscellaneous
MySQL
Software
Sybase
Contact Management
PostgreSQL
Data Manipulation
Clarion
InterSystems Cache

Siebel
MUMPS
OLAP
SQLBase
SAS
GIS & GPS
4GL
Berkeley DB
DB2
Informix

Interbase / Firebird
FoxPro
Reporting
LDAP
Filemaker Pro
MS SQL Server
dBase
MS Access

Security

Misc
Web Browsers
Software Firewalls
Operating Systems Security
File Sharing

Spy / Ad Blockers
Vulnerabilities
WebApplications
IDS
Anti-Virus

Encryption
Anti Spam
Email Clients
VPN
Chat / IM

Programming

Editors IDEs
Installation
Handhelds / PDAs
Multimedia Programming
System / Kernel

Algorithms
Game
Signal Processing
Project Management
Open Source

Database
Misc
Languages
Processor Platforms
Theory

Web Development

Scripting
Blogs
Web Servers
Software
Search Engines
Web Graphics
Images

Internet Marketing
Images and Photos
Components
Document Imaging
Web Languages/Standards
Illustration
WebApplications

Fonts
WebTrends / Stats
Authoring
Digital Camera Software
Miscellaneous

Networking

Protocols
Apple Networking
Network Management
Message Queue
Application Servers
Content Management
File Servers
Email Servers
Misc
Java Editors & IDEs

Wireless
Networking Hardware
Backup / Restore
System Utilities
ISPs & Hosting
Web Servers
Storage Technology
Removable Backup Media
Servers
Broadband

Grid
OS / 2
Novell Netware
Unix Networking
Windows Networking
Security
Telecommunications
Operating Systems
Linux Networking

Other

Community Advisor
Lounge
Community Support
New Net Users

Philosophy / Religion
Math / Science
Miscellaneous
URLs

Expert Lounge
Politics
Puzzles / Riddles

Community Support

Suggestions
New to EE
New Topics
Community Advisor

CleanUp
Announcements
General

Feedback
Input
EE Bugs

12.05.2004 at 11:35AM PST, ID: 12749342

jlevie:

How best to do this depends in part on what Unix you are using. Many versions of Unix have a crypt command that could do this (see 'man crypt'). Linux on the other hand doesn't have a simple command line utility for this.

Whether you'll gain any security this way depends entirely on whether the decrypt password is in a file on the system. If it is there's no security advantage to storing decryptable passwords. The security of those is only as good as the security of the file that holds the decrypt key. Only if the decrypt password will be interactively entered each time the encrypted passwords are used will there be any advantage to this process.

12.05.2004 at 01:17PM PST, ID: 12749722

gheist:

#!/bin/ksh
read -p 'Enter username: ' USERNAME
echo -n 'Enter password: ' ; read PASSWORD >/dev/null

. /another/script '$USERNAME':'$PASSWORD'

-----------

reversible encryption is same as no encryption at all
calling script with password as parameter makes password appear in process list ( ps -ef or ps auxww) for everyone else to see

12.05.2004 at 01:17PM PST, ID: 12749725

Tintin:

What Unix flavour?
What language do you want to use?
What type of password?
What purpose?

Many different solutions unless you answer the above.

12.05.2004 at 01:36PM PST, ID: 12749825

Abi78:

I am not sure but I think I am using HP or AIX
I want to do the encryption and decryption in UNIX
It is a password that will be passed as a parameter either to a datastage job or another shell script.
The only purpose of encrypting is to follow our company standards, it doesent matter even if the encryption is vulnerable and can be cracked easily.
I tried using the crypt function but it says crypt not found.Just basic encryption algorithm will do...
I am thinking of converting the password to ASCI, can I do that and if so then how?

12.05.2004 at 01:58PM PST, ID: 12749928

Abi78:

Is there a function by which I can convert the password to ASCI characters and store it in a file like flat file.
Then retrive it using another script and convert it back into alphanumeric.

12.05.2004 at 03:04PM PST, ID: 12750194

gheist:

null encryption is encryption too for your matter

12.05.2004 at 03:12PM PST, ID: 12750221

Tintin:

uname -a will tell you what platform you are on.

The crypt function wouldn't be suitable for your purposes as it is a one way encryption algorythmn, ie: you can not decrypt a crypted string without using a brute force method.

If you don't really care about the security of the password, you could do use something really basic like rot13, or even something *very* basic like hex encoding, eg:

encrypt=`perl -e 'print unpack "H*","yourpassword"'`
descrpt=`perl -e 'print pack "H*","encrypted password"'`

What did you mean by "converting the password to ASCI"? I've never heard of ASCI in the encryption context.

12.05.2004 at 03:38PM PST, ID: 12750301

jlevie:

The crypt function would not be suitable, but some Unixen included a crypt command. The crypt command was intended for just this sort of purpose, namely to encrypt something via a pass-phrase that could later be decrypted.

12.05.2004 at 03:46PM PST, ID: 12750320

gheist:

openssl command line utility can do all sorts of crypto operations

%openssl base64 -e
password
cGFzc3dvcmQK
%openssl base64 -d
cGFzc3dvcmQK
password

same with other ciphers, just like "man openssl" says

12.05.2004 at 03:47PM PST, ID: 12750325

Abi78:

I am on AIX.
I am just wondering if a character string can be converted to its ASCII value...I know it sounds a little stupid....but it is just a thought
Since this is the first time I am working on unix I am trying to think of the easiest way to solve my problem.
If possible can you give me the exact code that I can just copy paste in vi editor and then run it.
If it is much easier to store the password in a file and then encrypt the file..then that will work too..
I really appreciate all your responses.....

12.05.2004 at 03:52PM PST, ID: 12750338

gheist:

you want to store username too

in shell you can use grep to retrieve username/password pairs....

openssl needs to be installed from linux application cd of your AIX CD set.

12.05.2004 at 04:18PM PST, ID: 12750408

Abi78:

I dont have to store the username.
The only criteria is that the password has to be stored in a file in an encrypted format.
Then run another script to get the password,decrypt it, store it in a variable, and pass the variable as a parameter to a datastage job.
I can't install openss since i am connecting to a remote server, and I wont be given permission to install anything on that server.
Thats why I want to know if there is a simle algorithm that i can use for encryption and decryption.

12.05.2004 at 04:27PM PST, ID: 12750455

jlevie:

Does the remote have Perl?

12.05.2004 at 04:41PM PST, ID: 12750493

Abi78:

yes

12.05.2004 at 04:53PM PST, ID: 12750524

Tintin:

#!/bin/sh
encrypt=`perl -e 'print unpack "H*","yourpassword"'`
echo $encrypt >/file/to/store/encrypted/password

pass=`cat /file/to/store/encrypted/password`
decrypt=`perl -e 'print pack "H*",$pass'`

Accepted Solution

12.05.2004 at 05:50PM PST, ID: 12750688

Abi78:

Is there a way I can write this code in my shell script usint the vi editor?

12.05.2004 at 06:54PM PST, ID: 12750899

yuzh:

You can always use vi editor to create/edit text files (shell script is text file!).

12.30.2004 at 11:20AM PST, ID: 12928131

cypherpunks:

20080236-EE-VQP-29