[Tutor] passwords in scripts
Danny Yoo
dyoo at hkn.eecs.berkeley.edu
Sun Jan 22 08:19:09 CET 2006
> > I've written a couple of scripts that check log files on our WIndows
> > and Unix servers. These scripts have plain text passwords in them, so
> > anyone who can access the filesystem of the Windows server that runs
> > the scripts can discover the passwords of the servers.
Hello,
I guess one question might be: why are the passwords there in the first
place? *grin*
It's usually a good idea to try avoiding hardcoding things in a program,
and that goes for passwords too. If you're using passwords to connect to
the Unix servers, you might want to consider looking at Keychain:
http://www.gentoo.org/proj/en/keychain/
to avoid having to do manual password entry. Alternatively, 'ssh' can
be used to run remote commands on a Unix server. There's a good example
of this here:
http://www.jdmz.net/ssh/
If you could tell us more details on why those passwords are there, we
might have some better suggestions.
Good luck!
More information about the Tutor
mailing list