Reputation: 247
Ruby encrypting passwords to be stored in config file
I am looking for suggestions on how I can encrypt a password that will be stored in a config file so that it will not be in clear text? I will also need a way to decrypt the password after it is read in by the script? script is a simple ftp script and config file will be very simple containing host and user credentials. I am using yaml for the config file.
host = 'ftp.someftp.com'
id = 'jdoe'
pw = 'encrypted password'
If someone can point me in the right direction I would be most appreciative. There must be a simple way to do this or a gem out there for doing so.
Thanks MM
Upvotes: 3
Views: 9304
Answers (2)
Reputation: 8478
For encryption you can also use the bcrypt gem which is widely used and practical to use. Make sure you have bcrypt installed on your system otherwise the gem won't work.
To see how it works check out its Readme, especially the How to use bcrypt-ruby in general section.
Upvotes: 2
Reputation: 29635
Check out the OpenSSL library. Look for password-based encryption methods, such as AES. You also need a way to write the encrypted binary data as ASCII, in your configuration file.
Caveat: if you can encrypt it, anyone who can read the script can also see how you did it, and then they can decrypt it. So this is ok as long as you're protecting the passwords from casual/accidental viewing only.
Upvotes: 2
Related Questions
- Use Rails credentials encryption to encrypt files
- Safe way to store decryptable passwords in ruby
- How to store encrypted data?
- Looking for ways to encrypt password in text files on ruby on rails
- Encrypt User's password in seed file
- howto encrypt passwords in configuration files, grails [and java]
- Store passwords in Ruby script
- Encrypt a string with a password in ruby
- Rails database - how to store encrypted data using the user's password?
- How do I securely store passwords in a configuration file in a Ruby/Rails web server environment?