in reply to Re: Mention password in the script -encrypted form
in thread Mention password in the script -encrypted form

If you can suggest me a way in which I will not reveal the password in clear text (anywhere in the script) that will be great We are mentioning in clear text $passwd ="abc123" .I think there must be a way where I can declare $passwd="GHYFtg56" where decrypt(GHYFtg56) = abc123 I hope I made my question clear
  • Comment on Re^2: Mention password in the script -encrypted form

Replies are listed 'Best First'.
Re^3: Mention password in the script -encrypted form
by jethro (Monsignor) on Feb 19, 2009 at 19:54 UTC

    If a function decrypt(GHYFtg56) were possible crypt() would be useless for storing passwords as anyone else (including the attacker) could do the decyphering too. You would have won nothing by storing it as "GHYFtg56".

    cryptographic hash function must have the property that it is easy to create the hash (i.e use crypt()) but impossible to do the inverse (i.e. decrypt()) in acceptable time.

    In other words: Your script needs to know some password to do something. Whatever the script knows, everyone with access to the script can find out too. The only exception is if the script stores the information somewhere else. See my other post here for a possible method

[reply]

In Section Seekers of Perl Wisdom