This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: encoding scripts (so that user can't see passwords easily)?


Ehud Karni wrote:
> On Tue, 06 Dec 2005 20:36:07 +0100, Tomasz Chmielewski wrote:
>> 
>> It is to be a measure to prevent an accidental viewing of
>> usernames/passwords rather than some "military grade" tool which
>> takes 100 years to break on a supercomputer.
> 
> [I think this discussion is off topic for cygwin]
> 
> Here are 2 simple bash scripts that do what you want. Both are
> filters (i.e. read standard input, write to standard output). The
> first one just obscures the input to all numeric string. The second
> one uses gpg, so you can do "real strong encryption", with encryption
> done by anyone while decryption done by the privileged user.    
> 
> Ehud
> 
> 
> #! /bin/bash -e
> # simple conversion to all numeric and back #
> -------------------------------------------------- 
> 
> OP="$1"                    # requested operation (--encrypt/--decrypt)
> INP=`cat`                  # input to encrypt/decrypt
> LEN=${#INP}                # Length of input
> OUT=""                     # output (almost final)
> 
> case "$OP" in
>    "--encrypt" )
>        while [ "$INP" != "" ]
>        do
>            CH=${INP:0:1}                       # 1st char of input
>            INP=${INP:1:$LEN}                   # rest of input
>            OCT=`echo "$CH" | od -An -to1 -N1`  # convert to octal
>            EON=`expr 789 - $OCT`               # not too obvious
>            OUT="$OUT$EON"
>        done    ;;                              # OUT ready
> 
>    "--decrypt" )
>        while [ "$INP" != "" ]
>        do
>           EON=${INP:0:3}                       # 1st "inverted" octal
>           of input INP=${INP:3:$LEN}                    # rest of
>           input OCT=`expr 789 - $EON`                # octal
>           OUT="$OUT"'\'"$OCT"                  # add \ for decoding
>        octals ' done    ;;                              # OUT ready
> 
>    * ) echo "OP (1st arg) is |$OP|. should be --encrypt or --decrypt"
>        exit 1  ;;
> esac
> 
> echo -e "$OUT"                                 # echo
> encrypted/decrypted to USER 
> 
> ############################## end of simple-crypt.sh
> ############################## 
> 
> 
> #! /bin/bash -e
> # gpg encryption/decryption, must have gpg keys (public & private) #
> ---------------------------------------------------------------- 
> 
> KEY=$1                     # gpg key, should be in
> pubring.gpg/secring.gpg 
> OP=$2                      # requested operation (--encrypt/--decrypt)
> PSP="$3"                   # passphrase (needed for --decrypt only)
> or empty 
> 
> GPGOPT="--default-recipient-self --batch --no-tty --always-trust
> --no-options --output -" 
> if [ "$PSP" != "" ] ; then # do only when passphrase given
>     exec 3<&0              # trick, save stdin stream
> 
>     echo "${PSP" |
>     (  exec 4<&0 ;         # set fd 4 to read from echo
>        exec 0<&3 ;         # restore original stdin (for gpg input)
>        gpg --default-key $KEY $GPGOPT --passphrase-fd 4 $OP ) else
>     gpg --default-key $KEY $GPGOPT $OP
> fi
> 
> ############################## end of gpg-crypt.sh
> ############################## 

Are we forgetting the classic?  As long as we don't care how strong the
encryption is, what about rot13?

#!/bin/sh
tr 'A-Za-z' 'N-ZA-Mn-za-m'

(Maybe I should ITP rot13.)  And there's always uuencode/uudecode.

:-)

- Barry

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]