Perhaps you are asking about something like How can a script use a password without making the password visible?

G'day chandantul,

It's unclear exactly what you are doing, so I can only give a general answer.

Firstly, don't store plain-text passwords. When a password is set (or changed) pass it through a hashing algorithm (or similar) and store the result. Subsequently, when a user presents a password for authentication, pass that through the same algorithm and compare the result with what's already stored: if they're the same, grant access; if different, deny access.

Both perlfaq8 and perlfaq9 have information about passwords.

You should probably also look into the various algorithms available, whether you are going to ensure users use strong passwords, how often the passwords need to be changed, how many failed access attempts are allowed before account suspension, and so on. It's a big topic and your question, as I said, can only attract a general answer.

Your requirements aren't clear. See I know what I mean. Why don't you?
We can try to find solutions only for stated problems. If the password is encrypted, perl will read the encrypted password from the config file. Where's the problem?

What you are asking is fundamentally not possible. If the script can decrypt the password, so can anyone with access to the script, by examining the script to obtain the key.

At best, you can obfuscate the stored password. I suggest MIME::Base64 for that.

Hi,

I think that https://metacpan.org/pod/GnuPG will achive your goal.

Cheers,

Xavier

I think that https://metacpan.org/pod/GnuPG will achive your goal.

and where will the password / private key be saved? in the script?