Link to home
Create AccountLog in
Avatar of ashsysad
ashsysadFlag for United States of America

asked on

Using encrypted password file in Linux

Hello,

We have a situation like this. We have a Shell script in which we hard-coded the Password for a Production account. The script will login to another server using the hard-coded password and perform some operation.

We feel it's potentially unsafe hard-coding the password in the script, hence am wondering why don't we use an encrypted file which will contain password details and only during the execution, it will decrypt only during the execution.  Please let me know if it is possible.

I'm aware of the other options like using SSH password less keys but my management isn't convinced with it.

Thanks in advance !!
SOLUTION
Avatar of stergium
stergium
Flag of Greece image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of ashsysad

ASKER

Thanks Stergium. The syntax to decrypt a file and write the output to file is giving syntax error. Could you please check ?

# gpg confidentail.txt.gpg -o passfile
usage: gpg [options] [filename]
# gpg -d confidentail.txt.gpg -o passfile
usage: gpg [options] --decrypt [filename]
# gpg -d confidentail.txt.gpg passfile
usage: gpg [options] --decrypt [filename]
#
SOLUTION
Avatar of Tintin
Tintin

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Makes sense Tintin. It would be grateful if  you give me the steps to lock down the SSH connection based on Source IP address ?
SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
@Wmp,  I'm trying how to assign the password present in a file to a Variable in a script. I'm trying like this but it isn't working.  Please help.

# cat secretfile
newpass
# var1=`--stdin secretfile`
-bash: --stdin: command not found
# var1 --stdin secretfile
-bash: test: --stdin: unary operator expected
#
ASKER CERTIFIED SOLUTION
Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Thankyou all. With this discussion, I got some useful information on password security in scripts.
Thankyou all !!