[Tutor] passwords in scripts

Danny Yoo dyoo at hkn.eecs.berkeley.edu
Sun Jan 22 08:19:09 CET 2006


> > I've written a couple of scripts that check log files on our WIndows
> > and Unix servers.  These scripts have plain text passwords in them, so
> > anyone who can access the filesystem of the Windows server that runs
> > the scripts can discover the passwords of the servers.

Hello,

I guess one question might be: why are the passwords there in the first
place?  *grin*


It's usually a good idea to try avoiding hardcoding things in a program,
and that goes for passwords too.  If you're using passwords to connect to
the Unix servers, you might want to consider looking at Keychain:

    http://www.gentoo.org/proj/en/keychain/

to avoid having to do manual password entry.  Alternatively, 'ssh' can
be used to run remote commands on a Unix server.  There's a good example
of this here:

    http://www.jdmz.net/ssh/


If you could tell us more details on why those passwords are there, we
might have some better suggestions.


Good luck!



More information about the Tutor mailing list