Store password in encrypted file with read & write access
Is there a way to store a password in a secured file in unix system?
That file can be readable and writtable by Unix shell script.I dont want to use any external libraries. Help to give some idea or cod开发者_C百科e snippet for native Unix encryptions.
Thanks!
By asking this question you basically tell everyone that the design of your system is flawed.
If you save a password, there are two use cases:
- Being able to check an entered password against the saved one
- Using the saved password for something (i.e. the application needs to retrieve it in plaintext)
For case 1 simply save a salted hash. That's secure and even if someone gets access to the hash he can't do much with it. Protecting it using standard UNIX filesystem permissions is way enough - chmod 600 and no other users (besides root) can access the file.
For case 2 encrypting it doesn't make much sense. Your application needs to be able to decrypt it anyway so it gives users looking at the file a false sense of security (if your application can decrypt it, everyone can). Using the filesystem permissions is usually secure enough.
Now you could say that even root shouldn't be able to access the password - a valid argument on a multi-user system. However, root could modify/replace your program anyway - so it would be a false sense of security again. Anyway, in that case you could encrypt it with a second password the user needs to enter everytime the password is to be read or written. Then you'd have something similar to the password manager browsers have where the stored passwords are protected with a master password.
You want to use the cryptographic API then. Take a look at this one: http://www.linuxjournal.com/article/6451?page=0,0
And if you want to do it by shell script, you can use 'md5sum' to encrypt strings.
精彩评论