Register
It is currently Tue Jul 29, 2014 12:41 am

Authenticating on the shell


All times are UTC - 6 hours


Post new topic Reply to topic  [ 2 posts ] 
Author Message
 PostPosted: Tue Apr 25, 2006 10:37 pm   

Joined: Mon Apr 24, 2006 2:39 pm
Posts: 30
Location: Villahermosa
Mysql, SSH, or su, they all need authentication, a password that can be typed to enter on their prompts.

I wonder how is this usually handled from a bash approach. Is this even possible? What are the risk (beside having your password embeded on the script) and if there are security resources (gnupg encription) to make a secure script.


Top
 Profile WWW ICQ YIM  
 PostPosted: Wed May 03, 2006 2:17 pm   
Moderator
User avatar

Joined: Wed May 03, 2006 2:05 pm
Posts: 242
Heya jza,

There are a few ways to do it, but each service that you're trying to authenticate with will be different.

SSH - SSH is really easy if you use keys, instead of passwords. Here's a simple howto for that:

http://www.cs.umd.edu/~arun/misc/ssh.html

You can also use Perl::Net::SSH if you can script in perl, but this option requires having the password listed in plain text in the script.


Mysql - Mysql also requires having the password in plain text in order to script anything, but it's really simple to use a seperate, secure file so that you don't accidentally give out your password if you share the script:

First, the plain command-line way:
Code:
# mysql -u'user' -p'password' dbname -e 'insert query here'


Next, the external file way:
Code:
# mysql -u'user' -p`cat /path/to/file` dbname -e 'insert query here'


(the `backticks` are important!)


su - There is an alternative that can be used without a password, and it's called "sudo". This is always a dangerous option, but if you have a user that you would like to be able to use to execute scripts with sudo priveledges, you can use visudo to add the following line to the sudoers file:

Code:
username ALL=(ALL) NOPASSWD: ALL


You can even restrict the user to only certain commands. I use the above on my desktop system because I get tired of typing my passwd every time I want to "su" to root ;-P

I hope this helps!

-Jeo


Top
 Profile YIM  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 6 hours


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


BashScripts | Promote Your Page Too
Powered by phpBB © 2011 phpBB Group
© 2003 - 2011 USA LINUX USERS GROUP