在 bash 文件中隐藏/加密密码以防止意外看到它 [英] Hide/encrypt password in bash file to stop accidentally seeing it

问题描述

对不起，如果之前有人问过这个问题，我确实检查过但找不到任何东西......

Sorry if this has been asked before, I did check but couldn't find anything...

在 Unix 中是否有一个函数可以加密 和 解密批处理文件中的密码，以便我可以将其通过管道传输到 bash 文件中的一些其他命令中?

Is there a function in Unix to encrypt and decrypt a password in a batch file so that I can pipe it into some other commands in a bash file?

我意识到这样做并没有提供真正的安全性，如果有人在我的肩膀上查看脚本，更要防止他们意外看到密码:)

I realise that doing this provides no real security, it is more to stop someone accidentally seeing the password if they are looking at the script over my shoulder :)

我在 Red Hat 5.3 上运行.

I'm running on Red Hat 5.3.

我有一个类似这样的脚本:

I have a script which does something similar to this:

serverControl.sh -u admin -p myPassword -c shutdown

我想做这样的事情:

password = decrypt("fgsfkageaivgea", "aDecryptionKey")
serverControl.sh -u admin -p $password -c shutdown

这不会以任何方式保护密码，但确实可以防止有人从我的肩膀上意外看到它.

This doesn't protect the password in any way, but does stop someone from accidentally seeing it over my shoulder.

推荐答案

OpenSSL 提供了一个 passwd 命令可以加密但不能解密，因为它只做散列.您还可以下载类似 aesutil 这样您就可以使用功能强大且众所周知的对称加密例程.

OpenSSL provides a passwd command that can encrypt but doesn't decrypt as it only does hashes. You could also download something like aesutil so you can use a capable and well-known symmetric encryption routine.

例如:

#!/bin/sh    
# using aesutil
SALT=$(mkrand 15) # mkrand generates a 15-character random passwd
MYENCPASS="i/b9pkcpQAPy7BzH2JlqHVoJc2mNTBM=" # echo "passwd" | aes -e -b -B -p $SALT 
MYPASS=$(echo "$MYENCPASS" | aes -d -b -p $SALT)

# and usage
serverControl.sh -u admin -p $MYPASS -c shutdown

这篇关于在 bash 文件中隐藏/加密密码以防止意外看到它的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！