On Thu, 22 Mar 2001, Andrew So Hing-pong wrote:
> I would like to write a ftp scripting for automation some jobs
> with security. I know someone MUST suggest using scp2 or sftp2....etc.
Obligatatory "use scp, stfp, or rsync over ssh" statement.
> But based on the user's requirement, I must using ftp scripting.
> Now the script is
>
> ftp.sh
> ftp -n << -EOF
> open <hostname>
> user <user> <password>
> ...
> ....
> quit
>
> As you know, <password> is a plain text with readable by other. Now
> I want to write some with crypt the password like
>
> ftp.sh
> ftp -n << -EOF
> open <hostname>
> user <user> `decode <masked-password>`
> ...
> ....
> quit
>
> Any suggestion or comment ? As I know, I can use MD5, DES3 or RSA
> alog...
> But I don't know how to implement and how to start. Would you please
> giving me some hints based on above mentioned three alog.. to write by
> personal decoding function.
Any decode method you implement will be virtually as effective as
plaintext, unless it requires some sort of passphrase to unlock the decode
key (in which case you may as well prompt the user for the password).
Anyone who has access to the source of the script can in theory run
"decode <masked-password>" to get the password, no?
So if your goal is simply obfuscation, simply set the script to be
readable only by the trusted user. If you can't do that, ROT13 is going to
be as effective a cipher as any other method.
tr 'a-z' 'n-za-m'
thornton
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
