Passing Passwords

rauljuan has asked for the wisdom of the Perl Monks concerning the following question:

A little history of the problem:
I have built a Perl/TK GUI that I will use to connect to several different sun stations. When I first launch the GUI, I login in with my user/pass which is the user/pass I will use to connect to all sun stations. When I click a button, the GUI launches a:

system("xterm -e /PATH/TO/LOGIN_PERL_SCRIPT &");
[download]

The LOGIN_PERL_SCRIPT uses Expect.pm to automatically log me in. LOGIN_PERL_SCRIPT has the user/pass because the GUI writes it to a file and then the LOGIN_PERL_SCRIPT opens the file, gets the user/pass, and deletes the file. This way no one can do a ps -ef and grab the user/pass if I were to use my ($user,$pass)=@ARGV to get it from command line.

QUESTION:
How, if possible, can I set user/pass as Global Variable that be read by LOGIN_PERL_SCRIPT? Is it possible to write user/pass to a memory location that can be called by other programs, or something along these lines?
Thanks in advanced...

Comment on Passing Passwords Download Code

Replies are listed 'Best First'.
Re: Passing Passwords by Abigail-II (Bishop) on Nov 15, 2002 at 16:18 UTC
Instead of `system`, you can use a pipe and pass the information via the pipe. Then the password doesn't appear in a file, nor can it be found with ps from either the command line, or an environment variable. As for the global variable suggestion - think about it. Even if it were possible, how would you prevent other programs from reading it? Abigail	[reply] [d/l]
Re: Passing Passwords by Notromda (Pilgrim) on Nov 15, 2002 at 21:23 UTC
Use ssh and ssh-agent. Use RSA keys. I can log into any of my boxes without ever typing a password, except once to ssh-add. Check out OpenSSH.	[reply]
Re: Passing Passwords by grantm (Parson) on Nov 15, 2002 at 23:54 UTC
As Notromda said, SSH can be set up to support remote logins without password prompts. I do a lot of work from a Linux GNOME desktop and developed this GNOME Panel Applet SSH Menu using Gtk. This allows me to select a hostname from the menu and pop up a new terminal window which is automatically logged in to that host. I enter my password into the SSH Agent once at the start of the session and SSH gets keys from the agent to perform the automatic logins.	[reply]