working with plain text passwords in shell/telnet script

Forum Moderators: coopster

Message Too Old, No Replies

working with plain text passwords in shell/telnet script

What's the best way to store passwords that need to be echoed to script?

broniusm

10:21 pm on Dec 13, 2005 (gmt 0)

I've got a crafty script that uses a really nice little php telnet class [px.sklar.com] to feed commands via telnet to a remote application. Part of the script, however, is logging in: once to the remote unix host, x-times into submodules of the application itself.

What is the best way to store these passwords so that at the time of execution, they're transmittable as plain text but so they're not easily retrieved via code source, db view, or external file view?

coopster

5:17 pm on Dec 14, 2005 (gmt 0)

You could keep them in a text file below the publicly accessible document root and read them from there with your script using PHP's Filesystem functions [php.net].

broniusm

5:33 pm on Dec 14, 2005 (gmt 0)

hmm. That's a good idea-- but the password would still need to be in plain text? The script itself is already generally inaccessible-- it's a php commandline script that I have cron'd.

Is there any simple pseudo-encryption in php that would at least obfuscate the passwords a little bit?

coopster

6:25 pm on Dec 14, 2005 (gmt 0)

You could make up your own, kind of like a ROT13 (str_rot13 [php.net]) except in reverse order, you would store the *encrypted* version of this in the text file and rebuild it to it's original value by running it through your own user-defined function.

broniusm

6:45 pm on Dec 14, 2005 (gmt 0)

excellent! I think if I'm at all paranoid about security, I could even take rot13 and make it rotX where X is dependent upon some variable..

well, I certainly appreciate your responses. I'm on track now.