InfinityQuest - Programming Code Tutorials and Examples with Python, C++, Java, PHP, C#, JavaScript, Swift and more

Menu
  • Home
  • Sitemap

Python Programming Language Best Tutorials and Code Examples

Learn Python Right Now!
Home
Bash
Using Passwords in Scripts in bash
Bash

Using Passwords in Scripts in bash

InfinityCoder April 3, 2017

You need to hardcode a password in a script.

This is obviously a bad idea and should be avoided whenever possible. Unfortunately, sometimes it isn’t possible to avoid it.
The first way to try to avoid doing this is to see if you can use sudo with the NOPASSWD option to avoid having to hardcode a password anywhere.

This obviously has its own risks, but is worth checking out.
Another alternative may be to use SSH with public keys and ideally restricted commands.

If there is no other way around it, about the best you can do is put the user ID and password in a separate file that is readable only by the user who needs it, then source that file when necessary .

Leave that file out of revision control, of course.

It may even be possible to use that SSH method to access other data on the same host, but it’s probably much more efficient to use sudo for that.

But what about accessing data in a remote database, perhaps using some SQL command?

There is not much you can do in that case.
Yes, you say, but what about crypt or the other password hashes?

The problem is that the secure methods for storing passwords all involve using what’s known as a one-way hash.

The password checks in, but it can’t check out.

In other words, given the hash, there is theoretically no way to get the plain-text password back out.

And that plain-text password is the point—we need it to access our database or whatever.
So secure storage is out.
That leaves insecure storage, but the problem here is that it may actually be worse than plain text because it might give you a false sense of security.

If it really makes you feel better, and you promise not to get a false sense of security, go ahead and use ROT13 or something to obfuscate the password.

ROT13 only handles ASCII letters, so you could also use ROT47 to handle some punctuation as well.

1
2
3
$ ROT13=$(echo password | tr 'A-Za-z' 'N-ZA-Mn-za-m')
 
$ ROT47=$(echo password | tr '!-~' 'P-~!-O')

 

Share
Tweet
Email
Prev Article
Next Article

Related Articles

Saving Output When Redirect Doesn’t Seem to Work in bash
You tried using > but some (or all) of the …

Saving Output When Redirect Doesn’t Seem to Work in bash

Finding Existing Files and Content Fast in bash
You’d like to be able to find files without having …

Finding Existing Files and Content Fast in bash

About The Author

InfinityCoder
InfinityCoder

Leave a Reply

Cancel reply

Recent Tutorials InfinityQuest

  • Adding New Features to bash Using Loadable Built-ins in bash
    Adding New Features to bash Using Loadable …
    June 27, 2017 0
  • Getting to the Bottom of Things in bash
    Getting to the Bottom of Things in …
    June 27, 2017 0

Recent Comments

  • fer on Turning a Dictionary into XML in Python
  • mahesh on Turning a Dictionary into XML in Python

Categories

  • Bash
  • PHP
  • Python
  • Uncategorized

InfinityQuest - Programming Code Tutorials and Examples with Python, C++, Java, PHP, C#, JavaScript, Swift and more

About Us

Start learning your desired programming language with InfinityQuest.com.

On our website you can access any tutorial that you want with video and code examples.

We are very happy and honored that InfinityQuest.com has been listed as a recommended learning website for students.

Popular Tags

binary data python CIDR convert string into datetime python create xml from dict python dictionary into xml python how to create xml with dict in Python how to write binary data in Python IP Address read binary data python tutorial string as date object python string to datetime python

Archives

  • June 2017
  • April 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
Copyright © 2021 InfinityQuest - Programming Code Tutorials and Examples with Python, C++, Java, PHP, C#, JavaScript, Swift and more
Programming Tutorials | Sitemap