在bash文件隐藏/加密密码，以阻止意外看到它 [英] Hide/encrypt password in bash file to stop accidentally seeing it

问题描述

很抱歉，如果这已被问过，我也查，但找不到任何东西...

Sorry if this has been asked before, I did check but couldn't find anything...

是否有Unix的一个函数来加密的和的批处理文件解密的密码，这样我可以管到它在bash文件中的一些其他命令？

Is there a function in Unix to encrypt and decrypt a password in a batch file so that I can pipe it into some other commands in a bash file?

我知道，这样做没有提供真正的安全，更要阻止有人不小心看到密码，如果他们在我的肩膀看脚本：）

I realise that doing this provides no real security, it is more to stop someone accidentally seeing the password if they are looking at the script over my shoulder :)

我运行在Red Hat 5.3。

I'm running on Red Hat 5.3.

我有一个脚本，做一些类似这样：

I have a script which does something similar to this:

serverControl.sh -u admin -p myPassword -c shutdown

和我愿做这样的事情：

password = decrypt("fgsfkageaivgea", "aDecryptionKey")
serverControl.sh -u admin -p $password -c shutdown

这并不保护以任何方式密码，但不小心看到它在我的肩膀阻止别人。

This doesn't protect the password in any way, but does stop someone from accidentally seeing it over my shoulder.

推荐答案

OpenSSL提供了一个 passwd文件< /一>命令可以加密，但不进行解密，因为它仅做散列。您也可以下载像 aesutil 所以你可以使用一个有能力的和众所周知的对称加密程序。

OpenSSL provides a passwd command that can encrypt but doesn't decrypt as it only does hashes. You could also download something like aesutil so you can use a capable and well-known symmetric encryption routine.

例如：

#!/bin/sh    
# using aesutil
SALT=$(mkrand 15) # mkrand generates a 15-character random passwd
MYENCPASS="i/b9pkcpQAPy7BzH2JlqHVoJc2mNTBM=" # echo "passwd" | aes -e -b -B -p $SALT 
MYPASS=$(echo "$MYENCPASS" | aes -d -b -p $SALT)

# and usage
serverControl.sh -u admin -p $MYPASS -c shutdown

这篇关于在bash文件隐藏/加密密码，以阻止意外看到它的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！