|
|
How to Obscure Command Line Passwords
This all looks weird for me. In *nices normal approach is to get the password from the user interactively. In some cases it is possible to put it on command line, but the option with the password should be removed before displayed in the list of processes. Sometimes you can specify the password in a config file. In both cases you are warned that such a practice is insecure.
How to Obscure Command Line Passwords
By the way the same job as the perl script can be done in a pure shell, the advantage is that shell is always available. And moreover as far as I remember, you can turn off logging in bash.
Au contrair mon ami. First on a mac perl is always available. Second, the various other solutions posted here all rely on special features of bash, but not everyone uses bash. for example doing "read -s" in tsch won't work. But perl is always available. SO if you use tsch it's simple matter to change "export" to "setenv" in the perl script. The larger point is that the key concept is that you can obscure the password and avoid having it ever appear on the terminal history, scroll-back or in a config file by entering it indirectly via a script. How you actually implement the script is not important, but the above is a versatile way, amenable to many different shells in a language that is more extensible than any shell language. You could for example, have the perl extract the password from the keychain, or from a server on the net, or perhaps algorithmically generate the real password from some key word you insert. For instance, have the real password be the MD5 hash or the first letters of some easier to remember phrase like "mary had a little lamb". and let the perl do the conversion. But the bottom line is that "HINT" in this hint is just to indirectly load the variable so it's is obscured. It does not keep anyone on your computer from seeing it--that's a problem with all environment variables, but if you have that problem, you probably have other problems as well. relax! |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysNo new commentsLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.05 seconds |
|