Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

Passing a password to another process "safely" in Linux

by rastoboy (Monk)
on Jun 27, 2011 at 19:33 UTC ( [id://911599]=perlquestion: print w/replies, xml ) Need Help??

rastoboy has asked for the wisdom of the Perl Monks concerning the following question:

Greetings Brothers,

I hope you can forgive a question that isn't necessarily Perl related. I am forced to write a script that must log into a bastion server to log into *another* server to do stuff. I need to pass the root password to this script on the other machine.

On the local machine, I enter the password with no echo, and hold it in a variable in memory. I then ssh into the bastion host and execute another script there--and that's where I need to feed it the root password to the third box.

Simple, right? ;-)

I've contemplated sending it as an argument, but then it will show up in the process list. I've contemplated sending it over another socket, but that seems very complicated.

Any ideas?

Replies are listed 'Best First'.
Re: Passing a password to another process "safely" in Linux
by belg4mit (Prior) on Jun 27, 2011 at 21:16 UTC
    Why not use some combination of existing tools such as ssh keys and system groups or sudo to authenticate and authorize the user?

    --
    In Bob We Trust, All Others Bring Data.

Re: Passing a password to another process "safely" in Linux
by chrestomanci (Priest) on Jun 27, 2011 at 21:24 UTC

    As it happens I have been working on a similar problem myself recently.

    The approaches I considered where to pass the password as and environment variable, or to pipe it to the child process on it's stdin.

    Both are a bit more secure than a plain argument on the command line, but neither is that secure. For example on linux you can read the environment variables of any process by reading /proc/<pid>environ (Try: hexdump /proc/$$/environ -C to read the environment of your shell). Data piped thru stdin on the child is probably a bit more secure, as it is transient, but I dare say there would be a way for an attacker to read it.

    The bottom line is that if an attacker already has root on the destination box, and is prepared to put some time into it, he can subvert any security scheme you can come up with, so what you need to do is come up with a threat model and work out what kind of attacker you need to defend against. How clever are they? What privileges do they have on the box?

Re: Passing a password to another process "safely" in Linux
by sundialsvc4 (Abbot) on Jun 29, 2011 at 12:48 UTC

    I would use an existing “secure tunneling” protocol, such as VPN or SSH, both using digital certificates, not passwords, as the foundation of my system.   Establish a secure channel of communication between the two systems using existing technologies, and use it for the entire interaction.

    A “hacker” would have to gain possession of both the digital certificate and the password used to encrypt it.   (And, if you like, the IP-address embedded therein, depending on exactly what technology you use.)   Not gonna happen, presumably.   And if it somehow did, you simply invalidate that cert and issue another one.   (None of this costs money.)   Both sides know not only that their communications are secure, but that they are talking to the intended party.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://911599]
Approved by Marshall
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others surveying the Monastery: (4)
As of 2024-03-29 04:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found