Re: [Bcrypt-users] bcrypt command line key entry
Status: Beta
Brought to you by:
jwshelley
Menu
▾
▴
Re: [Bcrypt-users] bcrypt command line key entry
|
From: <ph...@th...> - 2003-03-24 13:53:07
|
On Thu, 20 Mar 2003 12:15:18 -0700, Rick Cone wrote: >Can we enter the key on the command line with bcrypt (for unattended >operation...) > >Thanks, > >Rick Cone >Secure Payment Systems >801 8th St. Suite 150-D >Greeley, CO 80631 >970-352-9434 (office) >970-352-0122 (fax - call office first!) >rc...@se... ... This is considered a security hole, as any user would be able to see the password on the process list. One workaround, assuming you trust your filesystem, is to pipe the arguments in with '<' and '>'. In short, to automatically encrypt, have a file named foo with the password repeated twice, and use "bcrypt filename < foo" to encrypt it. To decrypt, have a filename with the password (only once) named bar, and use "bcrypt filename < bar" to decrypt. -Philip Stolarczyk |
