|
How to put password in file safe?
Hello i have script and need automatuc password to enter.
script is execute trough user http. I want to store password safe, not in plain in config file. How can I do? TIA |
This is unclear (at least for me)
Quote:
Which language is it? What kind of environment is it? |
If you must store a password, then just store it in a plain text file with permission 0400 (r for user http, none for anyone else). There is no point in obfuscating the password; if the script can decode it then anyone can. Use expect to read $(cat privatedirectory/passwordfile) and enter the password. Don't use the same password anywhere else or for anything critical, as this is not very safe. Also don't do what sshpass does, which is to put the password in plain text on the command line, where anyone doing ps can see it.
|
apache auth is the recommended method to password pages or sections of a web site.
Access is configured in the config file or a .htaccess file. https://httpd.apache.org/docs/current/howto/auth.html The password(s) are stored in a file not in the web root, and are encrypted. |
| All times are GMT -5. The time now is 12:48 PM. |