Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Need to not hardcode username and password in a script 2

Status
Not open for further replies.
netman4u

netman4u

Technical User
Joined
Mar 16, 2005
Messages
176
Location
US
Hello all,

I am writing a script that uses DBI to retrieve a list of router ip addresses from an Oracle DB and then log into each router and run a command and capture the output.

All well and good but I do not want to hard code the user names and passwords. Any way to have some type of encypted "shadow" file that retrieves the user names and passwords?

If there is no way I am thinking of using the Active State Perl Development kit to compile my code as a binary to run on Solaris 9. Anyone ever do that?

Thanks,

Nick

If at first you don't succeed, don't try skydiving.
 
Sort by date Sort by votes
You can use a reversible password-based encryption if only you and your program know the secret password to decode it.

I like Crypt::CipherSaber for this:
It uses RC4 encoding but it handles all the backend work of generating an RC4 key based on a password (since RC4 doesn't seem to encourage using textual passwords as the crypt key).
 
Upvote 0 Downvote
Thanks Kirsle. That seems to be what I am looking for. In regards to usage, do I write a seperate script to encript my passwords once as in:

Code: 
 # encrypt from and to a file
 open(INFILE, 'secretletter.txt') or die "Can't open infile: $!";
  open(OUTFILE, '>secretletter.cs1') or die "Can't open outfile: $!";
  binmode(INFILE);
  binmode(OUTFILE);
  $cs->fh_crypt(\*INFILE, \*OUTFILE, 1);

And then in my program decode it as in:

Code: 
 # decrypt from and to a file
  open(INFILE, 'secretletter.cs1') or die "Can't open infile: $!";
  open(OUTFILE, '>secretletter.txt') or die "Can't open outfile: $!";
  binmode(INFILE);
  binmode(OUTFILE);
  $cs->fh_crypt(\*INFILE, \*OUTFILE);


Or am I resding it wrong?


If at first you don't succeed, don't try skydiving.
 
Upvote 0 Downvote
Yeah, you'd have one script to run once and encode the file. Decoding it into a plain txt file isn't very efficient, because it opens a small margin for somebody to go in and read the unencrypted data.

For reading the file data, it might be best to load the encrypted file into memory (a scalar would be most useful), then run $cs->decrypt on that data, so that the encrypted data is brought in and decoded without being written anywhere in plain text format.
 
Upvote 0 Downvote
Thanks, it looks like this is what I am looking for.

If at first you don't succeed, don't try skydiving.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ss_ham
  • Locked
  • Question Question
in Perl find call looking to exclude folder and ignore duplicate finds.
Replies
2
Views
733
ss_ham
ss_ham
eslie
  • Locked
  • Question Question
Perl script behavior makes no sense!!!
Replies
0
Views
534
eslie
eslie
rob54321
  • Locked
  • Question Question
Perl how to read line from file with interpolation
Replies
6
Views
1K
rob54321
rob54321
newbie1238585
  • Locked
  • Question Question
Perl how to read string in csv file * as wildcard operator
Replies
2
Views
831
mikrom
mikrom
Bob6739
  • Locked
  • Question Question
Perl Beginner - Need Help
Replies
6
Views
881
feherke
feherke

Part and Inventory Search

Sponsor

Back
Top