Hello Team,
I have the need to encrypt/decrypt a one word string. The encrypted word
will be saved in a file.
Later the word will be picked-up from the file, decrypt it at execution
time, and use it as a UNIX password to perform certain function that
requires authentication.
What Ruby facility is available for this simple function?
Thank you
--
Ruby Student
The problem is:
Even if the UNIX password is encrypted by the Ruby programm, if an attacker
can see the Ruby code it can know how to decrypt it.
El Jueves, 5 de Febrero de 2009, Ruby Student escribió:
Hello Team,
I have the need to encrypt/decrypt a one word string. The encrypted word
will be saved in a file.
Later the word will be picked-up from the file, decrypt it at execution
time, and use it as a UNIX password to perform certain function that
requires authentication.
What Ruby facility is available for this simple function?
--
Iñaki Baz Castillo
Rotate the password in the file. Remember the rotation level. And
then...
require 'crypt/rot13'
rotation = 4
encrypted_password = IO.read(some_file)
password = Crypt::Rot13.new(encrypted_password, -rotation)
MWAHAHAHAH!
Hey, you didn't specify the _level_ of encryption. >:)
Regards,
Dan
On Feb 5, 12:30 pm, Ruby Student <ruby.stud...@gmail.com> wrote:
Hello Team,
I have the need to encrypt/decrypt a one word string. The encrypted word
will be saved in a file.
Later the word will be picked-up from the file, decrypt it at execution
time, and use it as a UNIX password to perform certain function that
requires authentication.
What Ruby facility is available for this simple function?
Iñaki,
You are correct. However, we are behind several firewalls.
Also, the file with the encripted password will be place within a "secured"
dir.
Thank you
On Thu, Feb 5, 2009 at 2:52 PM, Iñaki Baz Castillo <ibc@aliax.net> wrote:
El Jueves, 5 de Febrero de 2009, Ruby Student escribió:
> Hello Team,
>
> I have the need to encrypt/decrypt a one word string. The encrypted word
> will be saved in a file.
> Later the word will be picked-up from the file, decrypt it at execution
> time, and use it as a UNIX password to perform certain function that
> requires authentication.
> What Ruby facility is available for this simple function?The problem is:
Even if the UNIX password is encrypted by the Ruby programm, if an attacker
can see the Ruby code it can know how to decrypt it.--
Iñaki Baz Castillo
--
Ruby Student
Ah, yes, the famous 2ROT13 encryption algorithm:
http://www.mobikom.at/2rot13.pdf
Cheers,
On Feb 5, 2009, at 10:40 PM, Daniel Berger wrote:
Hey, you didn't specify the _level_ of encryption. >:)
It seems there are some solutions:
http://snippets.dzone.com/posts/show/991
http://snipplr.com/view/3958/encrypting--decrypting-passwords-using-ezcrypto/
http://stuff-things.net/2007/06/11/encrypting-sensitive-data-with-ruby-on-rails/
http://groups.google.cl/group/rubyonrails-talk/browse_thread/thread/ce2413fd2e2929b2
El Jueves, 5 de Febrero de 2009, Ruby Student escribió:
You are correct. However, we are behind several firewalls.
Also, the file with the encripted password will be place within a "secured"
dir.
--
Iñaki Baz Castillo
Or at the other extreme use OpenSSL. You'll find RSA and DSA examples in most of the presentations linked in my sig.
To be honest though, unless it's a long word you're encrypting you probably shouldn't worry about it.
Ellie
Eleanor McHugh
Games With Brains
http://slides.games-with-brains.net
On 5 Feb 2009, at 21:58, Petite Abeille wrote:
On Feb 5, 2009, at 10:40 PM, Daniel Berger wrote:
Hey, you didn't specify the _level_ of encryption. >:)
Ah, yes, the famous 2ROT13 encryption algorithm:
----
raise ArgumentError unless @reality.responds_to? :reason
Well... I'd rather do something different: set up ssh with ssh-agent
so that you can do automated logins. Not sure whether that works with
Ruby's Net::SSH but you can fork a SSH shell via system or IO.popen.
Of course, in this scenario someone has to enter the passphrase
once...
My 0.02EUR
Kind regards
robert
2009/2/5 Ruby Student <ruby.student@gmail.com>
On Thu, Feb 5, 2009 at 2:52 PM, Iñaki Baz Castillo <ibc@aliax.net> wrote:
> El Jueves, 5 de Febrero de 2009, Ruby Student escribió:
> > Hello Team,
> >
> > I have the need to encrypt/decrypt a one word string. The encrypted word
> > will be saved in a file.
> > Later the word will be picked-up from the file, decrypt it at execution
> > time, and use it as a UNIX password to perform certain function that
> > requires authentication.
> > What Ruby facility is available for this simple function?
>
> The problem is:
> Even if the UNIX password is encrypted by the Ruby programm, if an attacker
> can see the Ruby code it can know how to decrypt it.
You are correct. However, we are behind several firewalls.
Also, the file with the encripted password will be place within a "secured"
dir.
--
remember.guy do |as, often| as.you_can - without end
Actually Robert, your idea might work. Let me give you the background:
We have two AIX (IBM flavor of UNIX) servers, s1 and s2 for argument sake.
s1 is an application server, while s2 is a DB2 server.
There is an SQL utility on s2 which we need to trigger (run), and which
execution will be initiated on s1 via ssh.
The Ruby utility running on s1 will eventually receive a return code from
the SQL utility running on s2 and will take appropriate action based on the
RC.
Now, to execute the SQL utility in the DB2 server, one has to use a
userid/pw which exists on DB2.
We want to encrypt the pw once, which a user will entered, and save it in a
file.
The Ruby utility will read that file and at execution time decipher the pw
and send the request.
We don't want to place an un-encrypted pw in a file, which is why I wanted a
cypher/decipher utility.
I found that crypt is one way encryption utility. In other words, I can
cypher but can't decipher with it.
Thanks to everyone for their input so far.
On Fri, Feb 6, 2009 at 8:46 AM, Robert Klemme <shortcutter@googlemail.com>wrote:
2009/2/5 Ruby Student <ruby.student@gmail.com>
>
> On Thu, Feb 5, 2009 at 2:52 PM, Iñaki Baz Castillo <ibc@aliax.net> > wrote:
>
> > El Jueves, 5 de Febrero de 2009, Ruby Student escribió:
> > > Hello Team,
> > >
> > > I have the need to encrypt/decrypt a one word string. The encrypted
word
> > > will be saved in a file.
> > > Later the word will be picked-up from the file, decrypt it at
execution
> > > time, and use it as a UNIX password to perform certain function that
> > > requires authentication.
> > > What Ruby facility is available for this simple function?
> >
> > The problem is:
> > Even if the UNIX password is encrypted by the Ruby programm, if an
attacker
> > can see the Ruby code it can know how to decrypt it.> You are correct. However, we are behind several firewalls.
> Also, the file with the encripted password will be place within a
"secured"
> dir.Well... I'd rather do something different: set up ssh with ssh-agent
so that you can do automated logins. Not sure whether that works with
Ruby's Net::SSH but you can fork a SSH shell via system or IO.popen.
Of course, in this scenario someone has to enter the passphrase
once...My 0.02EUR
Kind regards
robert
--
remember.guy do |as, often| as.you_can - without end
--
Ruby Student