On Tue, 6 Dec 2005, Tomasz Chmielewski wrote: > Wayne Willcox schrieb: > > > On Tue, Dec 06, 2005 at 02:58:15PM -0500, Jim Drash wrote: > > > > > Don't put the user names or passwords in the script put them in a file > > > only readable by SYSTEM > > > that would not solve the requirement of protecting the passwords > > if the disk was stolen. The scripts are supposedly already > > readable by system and admin only. > > > > That's exactly what I mean (they are already readable by SYSTEM and admins > only). > > If the disk is stolen, it would add some extra time before the password is > compromised. > > Someone gave a clue here: > > http://cygwin.com/ml/cygwin/2005-12/msg00181.html > > "instead of storing them plaintext, why don't you try encoding them via > cryptographic hashes - md5, sha1, tiger and the like." > > But I don't really know where to start (which tool should I use for it?)
Umm, "crypt"? As in stored_password=42wlq4L2SDUdw echo -n "Enter your password: "; stty -echo; read password; stty echo if [ x"`crypt 42 "$password"`" = x"$stored_password" ]; then echo "Access granted" else echo "Invalid password" fi (the '42' above is the "salt" -- see "man crypt"). HTH, Igor -- http://cs.nyu.edu/~pechtcha/ |\ _,,,---,,_ [EMAIL PROTECTED] ZZZzz /,`.-'`' -. ;-;;,_ [EMAIL PROTECTED] |,4- ) )-,_. ,\ ( `'-' Igor Pechtchanski, Ph.D. '---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow! If there's any real truth it's that the entire multidimensional infinity of the Universe is almost certainly being run by a bunch of maniacs. /DA -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/