HPE Community
Operating System - HP-UX
1831148 Members
2629 Online
110020 Solutions
New Discussion

encrypting shell file

 
SOLVED
Go to solution
andi_1
Frequent Advisor

‎06-19-2002 10:30 AM

‎06-19-2002 10:30 AM

encrypting shell file

Hi guys,

I wrote a shell script that will be shipped over to our customers. If there any way to encrypt the file so customers won't be able to see its contents. The script still must be executable?

Thanks a lot!
0 Kudos
Reply
6 REPLIES 6
steven Burgess_2
Honored Contributor

‎06-19-2002 10:41 AM

‎06-19-2002 10:41 AM

Re: encrypting shell file

Andy

There is something called crypt - I have not used this so not sure exactly how it works

man crypt

for more info

Regards

Steve
take your time and think things through
0 Kudos
Reply
Rodney Hills
Honored Contributor

‎06-19-2002 10:46 AM

‎06-19-2002 10:46 AM

Re: encrypting shell file

Generally speaking if the users have "root" access on their machine, they can look at anything. And to run a script (even an encrypted one) it must be put into plain text at some point. A knowledgable SA could determine it's contents pretty easily.

If secrecy is an issue, then create a "c" program and send only the executable.

-- Rod Hills
There be dragons...
0 Kudos
Reply
steven Burgess_2
Honored Contributor

‎06-19-2002 10:49 AM

‎06-19-2002 10:49 AM

Re: encrypting shell file

Andi

It appears as though crypt is used when sending mail - the receiver having to decrypt before reading

Below post for more

http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x28747bb04b5cd611abdb0090277a778c,00.html

As per Rodney's comments - If the users have root access to there systems - they can do anything - you also need read access to be able to execute

Steve
take your time and think things through
0 Kudos
Reply
Arockia Jegan
Trusted Contributor

‎06-19-2002 11:03 AM

‎06-19-2002 11:03 AM

Solution

Re: encrypting shell file

Hi,

You can use the crypt command to encrypt the data.

Or you can use the utility called PGP(Pretty Good Privacy) to encrypt/decrypt data. You need to download that from

http://www.pgpi.org/products/pgp/versions/freeware/unix/

After installing the utility create the public/private key. U should have the public key of the recipients. So that you can encrypt the data by using their ID(get it from their public key) and send the encrypted data to the recipients. They can decrypt the data/file by using their secret key(private key)/pass phrase. If u want more details on this I can send it to you.
Reply
A. Clay Stephenson
Acclaimed Contributor

‎06-19-2002 11:11 AM

‎06-19-2002 11:11 AM

Re: encrypting shell file

In essence, the answer is no as long as the customer has root access. If you want a secure solution, I suggest that you look into a product called 'Shell-lock' from these guys:
http://www.cactus.com/
It's not free but it's not terribly expensive either. It converts your shell script into a standalone executable.

If you had chosen Perl, I would have an answer for you. You could use the Filter module with a custom encrypt/decrypt routine. You could put in a few lines of plainttext in your script. (Copyrights, Version Numbers, ....) and then everything after the use Filter statement is encrypted data but is still executable.



If it ain't broke, I can fix that.
Reply
Patrick Wallek
Honored Contributor

‎06-19-2002 11:12 AM

‎06-19-2002 11:12 AM

Re: encrypting shell file

If I read your question correctly, you want to encrypt the script, but have so that it is still executable on your customers system. Is that correct?

If so, I know of no way to do this. Some options you have are to rewrite the script in C, and compile it. I believe PERL also has options to compile programs as well. That could also be an option.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.