davido: While I really appreciate your comments, this is a situation that cannot be satisfied by an encrypted solution. This is something that is on a fairly well protected network (1), gives access to a read-only user (2), and deals with a proprietary software client which doesn't support externally encrypted authentication methods(3). Finally, the reason for obfuscation, as opposed to encryption, is that the "stored" password has to be de-obfuscated in order to be passed to an expect program to log into another device (with the read-only account). So, disguising the password, and the disguising the code that disguises the password is sufficient for this particular situation. I understand and acknowledge the risks, and if the situation were different would most likely consider a (permanently) encrypted solution. However, for this particular situation, that simply won't work. Thus, the choice to go with obfuscation. We DO have a "Red Team" that likes to "play", but for the most part, they seem to be more concerned with the windows boxes in our environment, and this particular script resides on a Solaris box. Bottom line, encryption was considered as the preferred option, specifically SSH public key authentication, however, the device we're trying to connect to doesn't support it.

In response to 'Update2', it's all a game anyway. ;) For this particular situation, I'm not too interested in completely prohibiting *someone* from getting the data (password). But I definitely want to make them work for it. ;)

So, again, some tips on how to play "the game" would be much appreciated. :D Or at least directions to do some studying.

In reply to Re^2: How to hide a password in a script? by dataking
in thread How to hide a password in a script? by dataking

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.