Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'How to Obscure Command Line Passwords' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
How to Obscure Command Line Passwords
Authored by: SOX on Jul 06, '10 03:19:00PM
By the way the same job as the perl script can be done in a pure shell, the advantage is that shell is always available. And moreover as far as I remember, you can turn off logging in bash.

Au contrair mon ami.

First on a mac perl is always available. Second, the various other solutions posted here all rely on special features of bash, but not everyone uses bash. for example doing "read -s" in tsch won't work. But perl is always available. SO if you use tsch it's simple matter to change "export" to "setenv" in the perl script.

The larger point is that the key concept is that you can obscure the password and avoid having it ever appear on the terminal history, scroll-back or in a config file by entering it indirectly via a script. How you actually implement the script is not important, but the above is a versatile way, amenable to many different shells in a language that is more extensible than any shell language.

You could for example, have the perl extract the password from the keychain, or from a server on the net, or perhaps algorithmically generate the real password from some key word you insert. For instance, have the real password be the MD5 hash or the first letters of some easier to remember phrase like "mary had a little lamb". and let the perl do the conversion.

But the bottom line is that "HINT" in this hint is just to indirectly load the variable so it's is obscured. It does not keep anyone on your computer from seeing it--that's a problem with all environment variables, but if you have that problem, you probably have other problems as well. relax!

[ Reply to This | # ]