What is the best way to not store a password in a batch or bash script?

Z

zencd2012-08-27 21:49:19

Command line

zencd, 2012-08-27 21:49:19

There is a user script that, using a login / password, and does nothing else, does something remotely, for example, via HTTP.

I don't want to manually enter the password. In addition, the script can run automatically. I don't want to store the password in the script either.

What is better to use in such cases?

I do not count on maximum security, but I would like a more or less standard, more or less proven solution and that the password in its naked form does not glow at least.

The environment is primarily cmd.exe, but bash, linux, cygwin are also interested.

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

S

smartlight, 2012-08-27
@smartlight

NTFS permissions

M

Maximus5, 2012-08-27
@Maximus5

As an option, set a login / password by setting environment variables as a separate batch file, which, of course, should be in a protected (NTFS permissions, user catalog) place. From the first batch file we call "call ..." and login / password in variables.

V

Vladimir Chernyshev, 2012-08-27
@VolCh

I join the question, but I'm more interested in bash. I would arrange a variant like how sudo works - some time of inactivity and you need to enter a password to access the file / s with passwords.

P

phasma, 2012-08-27
@phasma

chmod 0700 and do not pass passwords in arguments when calling a script/application.

I

ixSci, 2012-08-28
@ixSci

Although the question says cmd, I'll still suggest Powershell+CryptoAPI. After all, using Powershell instead of cmd is not a problem.