Mail Archives: cygwin/2005/12/05/01:42:17

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2005/12/05/01:42:17

X-Spam-Check-By: sourceware.org

Message-ID: <deca9ec80512042242h44317cexf2878291acddcc8a@mail.gmail.com>

Date: Sun, 4 Dec 2005 22:42:04 -0800

From: nidhog <nidhog AT gmail DOT com>

To: cygwin AT cygwin DOT com

Subject: Re: encoding scripts (so that user can't see passwords easily)?

In-Reply-To: <20051204173646.GA28855@trixie.casa.cgf.cx>

MIME-Version: 1.0

References: <4392D119 DOT 7080409 AT wpkg DOT org> <20051204173646 DOT GA28855 AT trixie DOT casa DOT cgf DOT cx>

X-IsSubscribed: yes

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id jB56gGZb004366

On 12/4/05, Christopher Faylor <cgf-no-personal-reply-please AT cygwin DOT com> wrote:
> On Sun, Dec 04, 2005 at 12:20:57PM +0100, Tomasz Chmielewski wrote:
> >I have a little open-source project, which eases Windows administration
> >a bit.
> >
> >In some of the scripts, I use usernames and passwords (to get to a
> >password-protected network share etc.).
> >Because they are scripts, username and password is in plain.
> >
> >Although the script files are only readable by SYSTEM and
> >Administrators, if a disk is stolen, someone could easily get the
> >passwords by doing simple "grep -r password ./*".
> >
> >Do you know some tool which could "encode" scripts?

instead of storing them plaintext, why don't you try encoding them via
cryptographic hashes - md5, sha1, tiger and the like.

while it's still vulnerable to bruteforce if they get your hashed
passwords, you can mitigate the risk by requiring longer/more complex
passwords.

at least it's not as easy as grep'ping for the plaintext password left
alone naked all out in the open.


--
/nh

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Spam-Check-By:	sourceware.org
Message-ID:	<deca9ec80512042242h44317cexf2878291acddcc8a@mail.gmail.com>
Date:	Sun, 4 Dec 2005 22:42:04 -0800
From:	nidhog <nidhog AT gmail DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: encoding scripts (so that user can't see passwords easily)?
In-Reply-To:	<20051204173646.GA28855@trixie.casa.cgf.cx>
MIME-Version:	1.0
References:	<4392D119 DOT 7080409 AT wpkg DOT org> <20051204173646 DOT GA28855 AT trixie DOT casa DOT cgf DOT cx>
X-IsSubscribed:	yes
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Unsubscribe:	<mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id jB56gGZb004366