hey guys,
is there a way to encrypt a hard coded passwd inside a shell script basically this is my script and i was to encrypt or hide the ftp password.
#!/bin/sh
HOST='XXXXXXXXX'
USER='XXXXXXXXXX'
PASSWD='XXXXXXXXXXX'
cd /tmp/ftptest
grep -c "{0000000#END#\>" * > NO_OF_CARDS
ftp -n $HOST <<END_SCRIPT
quote USER $USER
quote PASS $PASSWD
prompt off
ascii
cd /tmp/ftptest
mput *
quit
END_SCRIPT
exit 0
And i can't let the password popup as this script was intended to be automation for a file transfer.
Even if you encrypt the password somehow you would have to provide a mechanism available to the script to decrypt it, so you gain nothing. It is a fact that "ftp" uses clear-text passwords and this intrinsic insecurity cannot be changed or alleviated in any way. As the password is sent clear-text over the net in the login process every interested party can sniff it from there too. There is no way to prevent this. (Btw., the same is true for "telnet" and the other classical means of connecting from one system to the other.)
The only way is to use a securified means of communication: ssh/scp to be precise. In this case the password gets transmitted in an encrypted form, so sniffing is ruled out. You can also set up a "chain of trust" between two user/host-combinations so that userA from hostA can connect as userB to hostB without using a password (so you don't have to state one in your script) but using an exchanged secret both involved parties know. The basic procedure is to connect once, identified by the password and then to store the other hosts secret to a config file so that further connections do not need a password any more.
We have several threads dealing with the setup of such a mechanism, so i suggest you do a forum search for "scp" and/or "ssh" installation.
I hope this helps.
bakunin