在 bash 文件中隐藏/加密密码以防止意外看到它 [英] Hide/encrypt password in bash file to stop accidentally seeing it
问题描述
对不起,如果之前有人问过这个问题,我确实检查过但找不到任何东西......
Sorry if this has been asked before, I did check but couldn't find anything...
在 Unix 中是否有一个函数可以加密 和 解密批处理文件中的密码,以便我可以将其通过管道传输到 bash 文件中的一些其他命令中?
Is there a function in Unix to encrypt and decrypt a password in a batch file so that I can pipe it into some other commands in a bash file?
我意识到这样做并没有提供真正的安全性,如果有人在我的肩膀上查看脚本,更要防止他们意外看到密码:)
I realise that doing this provides no real security, it is more to stop someone accidentally seeing the password if they are looking at the script over my shoulder :)
我在 Red Hat 5.3 上运行.
I'm running on Red Hat 5.3.
我有一个类似这样的脚本:
I have a script which does something similar to this:
serverControl.sh -u admin -p myPassword -c shutdown
我想做这样的事情:
password = decrypt("fgsfkageaivgea", "aDecryptionKey")
serverControl.sh -u admin -p $password -c shutdown
这不会以任何方式保护密码,但确实可以防止有人从我的肩膀上意外看到它.
This doesn't protect the password in any way, but does stop someone from accidentally seeing it over my shoulder.
推荐答案
OpenSSL 提供了一个 passwd 命令可以加密但不能解密,因为它只做散列.您还可以下载类似 aesutil 这样您就可以使用功能强大且众所周知的对称加密例程.
OpenSSL provides a passwd command that can encrypt but doesn't decrypt as it only does hashes. You could also download something like aesutil so you can use a capable and well-known symmetric encryption routine.
例如:
#!/bin/sh
# using aesutil
SALT=$(mkrand 15) # mkrand generates a 15-character random passwd
MYENCPASS="i/b9pkcpQAPy7BzH2JlqHVoJc2mNTBM=" # echo "passwd" | aes -e -b -B -p $SALT
MYPASS=$(echo "$MYENCPASS" | aes -d -b -p $SALT)
# and usage
serverControl.sh -u admin -p $MYPASS -c shutdown
这篇关于在 bash 文件中隐藏/加密密码以防止意外看到它的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!