On Tue, 06 Dec 2005 20:36:07 +0100, Tomasz Chmielewski wrote: > > It is to be a measure to prevent an accidental viewing of > usernames/passwords rather than some "military grade" tool which takes > 100 years to break on a supercomputer.
[I think this discussion is off topic for cygwin] Here are 2 simple bash scripts that do what you want. Both are filters (i.e. read standard input, write to standard output). The first one just obscures the input to all numeric string. The second one uses gpg, so you can do "real strong encryption", with encryption done by anyone while decryption done by the privileged user. Ehud #! /bin/bash -e # simple conversion to all numeric and back # -------------------------------------------------- OP="$1" # requested operation (--encrypt/--decrypt) INP=`cat` # input to encrypt/decrypt LEN=${#INP} # Length of input OUT="" # output (almost final) case "$OP" in "--encrypt" ) while [ "$INP" != "" ] do CH=${INP:0:1} # 1st char of input INP=${INP:1:$LEN} # rest of input OCT=`echo "$CH" | od -An -to1 -N1` # convert to octal EON=`expr 789 - $OCT` # not too obvious OUT="$OUT$EON" done ;; # OUT ready "--decrypt" ) while [ "$INP" != "" ] do EON=${INP:0:3} # 1st "inverted" octal of input INP=${INP:3:$LEN} # rest of input OCT=`expr 789 - $EON` # octal OUT="$OUT"'\'"$OCT" # add \ for decoding octals ' done ;; # OUT ready * ) echo "OP (1st arg) is |$OP|. should be --encrypt or --decrypt" exit 1 ;; esac echo -e "$OUT" # echo encrypted/decrypted to USER ############################## end of simple-crypt.sh ############################## #! /bin/bash -e # gpg encryption/decryption, must have gpg keys (public & private) # ---------------------------------------------------------------- KEY=$1 # gpg key, should be in pubring.gpg/secring.gpg OP=$2 # requested operation (--encrypt/--decrypt) PSP="$3" # passphrase (needed for --decrypt only) or empty GPGOPT="--default-recipient-self --batch --no-tty --always-trust --no-options --output -" if [ "$PSP" != "" ] ; then # do only when passphrase given exec 3<&0 # trick, save stdin stream echo "${PSP" | ( exec 4<&0 ; # set fd 4 to read from echo exec 0<&3 ; # restore original stdin (for gpg input) gpg --default-key $KEY $GPGOPT --passphrase-fd 4 $OP ) else gpg --default-key $KEY $GPGOPT $OP fi ############################## end of gpg-crypt.sh ############################## -- Ehud Karni Tel: +972-3-7966-561 /"\ Mivtach - Simon Fax: +972-3-7966-667 \ / ASCII Ribbon Campaign Insurance agencies (USA) voice mail and X Against HTML Mail http://www.mvs.co.il FAX: 1-815-5509341 / \ GnuPG: 98EA398D <http://www.keyserver.net/> Better Safe Than Sorry -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/