在bash文件隐藏/加密密码,以阻止意外看到它 [英] Hide/encrypt password in bash file to stop accidentally seeing it
问题描述
很抱歉,如果这已被问过,我也查,但找不到任何东西...
Sorry if this has been asked before, I did check but couldn't find anything...
是否有Unix的一个函数来加密的和的批处理文件解密的密码,这样我可以管到它在bash文件中的一些其他命令?
Is there a function in Unix to encrypt and decrypt a password in a batch file so that I can pipe it into some other commands in a bash file?
我知道,这样做没有提供真正的安全,更要阻止有人不小心看到密码,如果他们在我的肩膀看脚本:)
I realise that doing this provides no real security, it is more to stop someone accidentally seeing the password if they are looking at the script over my shoulder :)
我运行在Red Hat 5.3。
I'm running on Red Hat 5.3.
我有一个脚本,做一些类似这样:
I have a script which does something similar to this:
serverControl.sh -u admin -p myPassword -c shutdown
和我愿做这样的事情:
password = decrypt("fgsfkageaivgea", "aDecryptionKey")
serverControl.sh -u admin -p $password -c shutdown
这并不保护以任何方式密码,但不小心看到它在我的肩膀阻止别人。
This doesn't protect the password in any way, but does stop someone from accidentally seeing it over my shoulder.
推荐答案
OpenSSL提供了一个 passwd文件< /一>命令可以加密,但不进行解密,因为它仅做散列。您也可以下载像 aesutil 所以你可以使用一个有能力的和众所周知的对称加密程序。
OpenSSL provides a passwd command that can encrypt but doesn't decrypt as it only does hashes. You could also download something like aesutil so you can use a capable and well-known symmetric encryption routine.
例如:
#!/bin/sh
# using aesutil
SALT=$(mkrand 15) # mkrand generates a 15-character random passwd
MYENCPASS="i/b9pkcpQAPy7BzH2JlqHVoJc2mNTBM=" # echo "passwd" | aes -e -b -B -p $SALT
MYPASS=$(echo "$MYENCPASS" | aes -d -b -p $SALT)
# and usage
serverControl.sh -u admin -p $MYPASS -c shutdown
这篇关于在bash文件隐藏/加密密码,以阻止意外看到它的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!