topic Scritping in Operating System - HP-UX

Scritping

Louis Mushandu — Wed, 20 Sep 2000 18:02:05 GMT

I have scripted a password retrieval utility. I need the passwords to be encrypted; this I have achieved by storing them in a file accessible using "vi -x ". My problem is that of opening the file so it is readable grepping for the password field displaying that password and then closing it. I have tried copying to an interim file via

echo ZZ | vi -x wpass > wpasstemp

but this then throws me out of my script after I have typed in the decryption key. Is there a better way of doing this whilst maintaining the integrity of the password file via encryption. I would intend to remove the wpasstemp file immediately.

Thanks.

Re: Scritping

Tom Danzig — Wed, 20 Sep 2000 18:10:01 GMT

Look into using the crypt command as opposed to using vi for encryption. Do am man on crypt. You should be able to achive what you're looking for.

Re: Scritping

Dan Garthwaite — Wed, 20 Sep 2000 18:11:10 GMT

vi -x uses the crypt() library.
crypt is also a command, try this:

crypt PASSWORD < filename | grep ...

Note: the PASSWORD will show up in the process list in that brief execution time.

Re: Scritping

James R. Ferguson — Wed, 20 Sep 2000 18:30:39 GMT

Louis:

A very recent thread may be of interest to you on this:

http://forums.itrc.hp.com/cm/QuestionAnswer/1,1150,0x66ec6c96588ad4118fef0090279cd0f9,00.html

...JRF...

Re: Scritping

Anthony Goonetilleke — Wed, 20 Sep 2000 19:15:35 GMT

Here is a C program to do the encryption
#include
#include

int main (void)
{
int result;
result=check_pass("password","24489");
printf ("%d",result);
}

int check_pass(const char *plainpw, const char *cryptpw)
{
printf ("%sn",crypt(plainpw,cryptpw));
return strcmp(crypt(plainpw,cryptpw), cryptpw) == 0;
}

Re: Scritping

Anthony Goonetilleke — Wed, 20 Sep 2000 19:18:29 GMT

Also a perl program that does a similar thing... (watch out for that seed)

#!/usr/local/bin/perl
# Usage:
#
# enc_passwd _plaintxt_ [ _salt_ ]
#
# When trying to compare a plaintext password to an already-existing
# encrypted password, use the first two characters of the encrypted
# password as the salt. If you are generating a new encrypted password,
# omit the second argument and the script will generate a random salt.
#
# Note: only the first 8 characters of the plaintext and the first 2
# characters of the salt are significant. Extra characters are silently
# ignored.
#
srand(time);
if
(scalar(@ARGV) == 0) { die "Usage:n enc_passwd _plaintxt_ [ _salt_ ]n"; }
$plaintext=$ARGV[0];
$alphabet="./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
";
if (length($ARGV[1]) >= 2) { $salt=$ARGV[1]; } else { substr($salt, 0, 1)=s
ubstr($alphabet,rand(63), 1); substr($salt, 1, 1)=substr($alphabet, rand(63), 1); } $cipher
text=crypt($plaintext,$salt); print $ciphertext, "n";