
hide sensitive info in a file

Status
Not open for further replies.

babcia01

IS-IT--Management
Jul 11, 2002
37
US
I want to hide one field belonging to one of the lines of the ASCII file (that field happens to be password) so if someone does a cat or more on this file, the info for this field will be scrambled, not visible, hidden, etc.
What is the best method to accomplish it?
Thank you
 
man crypt

vlad
+---------------------------+
|#include<disclaimer.h> |
+---------------------------+
 
Thanks for the answers. I learned about the new shc compile tool which will probably be helpful to me in the future.

However, I can not use it for my specific problem.

Let me explain my question another way.

What is the best method to protect your password in a .netrc file? I am not satisfied with just doing chmod 600 .netrc.
I can not use an anonymous user.
I need to ftp from UNIX to Netware server using my password only.
Thank you
 
To all intents and purposes, a 600 perm file is protected from all but the superuser. Is this your problem?

Greg.
 
What platform are you on? You could create an ftp only account, but I guess that's not what you're after.

You could grab the passwd from the /etc/passwd or /etc/shadow/passwd file

cat /etc/shadow/passwd|awk '{print $2}'

or something like

--
| Mike Nixon
| Unix Admin
| ----------------------------
 
mode 600 on .netrc should be fine. In fact, FTP will refuse to use .netrc if the permissions are not secure.
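
The permission rule from the post above, as an added shell example that is not part of the thread: `netrc_status` reports whether a netrc-style file is accessible beyond its owner, and `write_netrc` creates one under `umask 077` with the password read from stdin. The function names, status labels, host, login and password are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Host, login and password are constructed.

# netrc_status FILE -> prints: missing | not-regular | insecure | loose | ok
netrc_status() {
    f=$1
    if [ ! -e "$f" ] && [ ! -L "$f" ]; then echo missing; return 0; fi
    # A symlink or special file could point a cron job at someone else's data.
    if [ -L "$f" ] || [ ! -f "$f" ]; then echo not-regular; return 0; fi
    # Characters 5-10 of the ls mode string are the group and other bits.
    go_bits=$(ls -ld -- "$f" | cut -c5-10)
    if [ "$go_bits" = "------" ]; then echo ok; return 0; fi
    # Split on blanks so "password" is matched as a token, not a substring.
    if tr -s ' \t' '\n\n' < "$f" | grep -qx 'password'; then
        echo insecure      # stored password accessible beyond the owner
    else
        echo loose         # no password token, but mode still wider than 600
    fi
}

# write_netrc FILE MACHINE LOGIN   (password is read from stdin, not argv,
# so it does not show up in ps output or shell history)
write_netrc() (
    umask 077                       # file is created 0600, no chmod window
    IFS= read -r pw || exit 1
    rm -f -- "$1"                   # drop any old copy with a looser mode
    printf 'machine %s login %s password %s\n' "$2" "$3" "$pw" > "$1"
)

# Demo on a throwaway directory.
demo_dir=$(mktemp -d)
printf 'constructed-pw\n' | write_netrc "$demo_dir/netrc" nw.example.test cronuser
echo "fresh file:      $(netrc_status "$demo_dir/netrc")"
chmod 644 "$demo_dir/netrc"
echo "after chmod 644: $(netrc_status "$demo_dir/netrc")"
rm -rf "$demo_dir"
```

A cron job can call `netrc_status` before starting the transfer and stop unless the result is `ok`.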
 
Basically, I want to submit this FTP in a background mode, from within crontab.

The password which I want to protect is the password for the target machine to which I want to FTP and it is different than my AIX password.

I still think that chmod to 600 is not enough since other UNIX admins can view my .netrc file as root superuser.

Possibly, I was thinking about this method:

Build .netrc on the fly, every time the ftp is initiated from within crontab. This file will exist for the duration of the ftp, and then it will be deleted after the ftp is finished. As I create the .netrc file I will use a previously generated encrypted password and decrypt it before inserting it on the first line of the .netrc file.

Of course, any time I change my password on the Netware server, I would need to encrypt this new password and save it again on my AIX home directory.

This seems to be too much.

Can you do something like this?

When creating .netrc file via VI or some other editor:

1) Type "xxx" - this will show on the screen
2) Type "yyy" - this will show on the screen
3) Within VI editor or some other editor, hit some control keys or some editing option to suppress the subsequently typed "zzz"
save the file

On the file view (by using cat/more, etc.) I will never see "zzz"
but it will be really there?

I think that I am looking for something impossible, probably unreasonable and technically impossible?

Thanks again




 
Anything you can do as a user, root can do. It's a simple fact of unix.

If you have to decrypt it and use it cleartext, so can root.

The fact that it's cleartext over the wire doesn't help you either. You're trying to take excessive precautions to protect it in one place while it's simply going to end up being transmitted in the clear when you connect to another machine.
 
Well put chapter11,

I've trussed numerous network connections and seen the passwd fly-by.

Babcia01:

How's about you give access via an rhost entry on the remote machine and rcp the data? No passwords just a trusted entry!

adam
 
Is there a Novell version of ssh so that Babcia01 could use scp to send the file? I really don't know anything, I'm just offering a suggestion.

Einstein47
("If vegetarians eat vegetables, what do humanitarians eat?")
 