I am new to the encryption world. I have some python experience under my belt but not much when it comes to encrypting passwords. I have compiled a python script that is very simple. It queries a directory > grabs a specific type of file > starts a FTP transmission > ends.
Currently, in testing, my python script has the URL, username, password in cleartext. For obvious reasons, I want to move away from that. What is the best practice to encrypt my data?
- Script will be downloaded from an FTP host to various machines
- The script will be placed in a hidden dir
- Service will run to kick off-script during an interval
It would make sense for me since this script will be deployed globally to encrypt password once, store in some sort of file, then reference later in the script.
I am looking for some pointers, examples, and best practices.
# query for file to ftp
alr_file = '/Users/path/to/file/to_ftp'
ftpALR = 
for item in os.listdir(alr_file):
ftpALR.append(alr_file + '/' + item)
# ftp transmission function
# list ftp dir
cnopts = pysftp.CnOpts()
cnopts.hostkeys = None
cnopts=cnopts) as sftp:
length = len(ftpALR)
for i in range(length):