CODEWITHSUNDEEP
linuxbashshellencryptionopenssl
Pritom
Pritom

Reputation: 1333

Encrypt a file using bash shell script

I want to encrypt a file using openssl. I can do it by using 

openssl des3 -salt -in /pritom/uaeyha_com.sql -out /pritom/a.ss

When I run this command, it gets password from me two times. I want to set password with the script and I used 

openssl des3 -salt -in /pritom/uaeyha_com.sql -out /pritom/a.ss -pass pritom

but it gives me the following error:

Invalid password argument "pritom"
Error getting password

What can I do now?

Upvotes: 13

Views: 14388

Answers (2)

Danny
Danny

Reputation: 39

to hide it from the ps command use :

temp_varX=pritom ;
openssl .....  -pass fd:0 <<< "$temp_var"

Upvotes: 3

jaypal singh
jaypal singh

Reputation: 77095

Try something like this - 

openssl des3 -salt -in /pritom/uaeyha_com.sql -out /pritom/a.ss -pass pass:pritom

From the man page:

PASS PHRASE ARGUMENTS
Several commands accept password arguments, typically using -passin and -passout for input and output passwords respectively. These allow the password to be obtained from a variety of sources. Both of these options take a single argument whose format is described below. If no password argument is given and a password is required then the user is prompted to enter one: this will typically be read from the current terminal with echoing turned off.

   pass:password
             the actual password is password. Since the password is visible to utilities (like 'ps' under Unix)
             this form should only be used where security is not important.

   env:var   obtain the password from the environment variable var. Since the environment of other processes is
             visible on certain platforms (e.g. ps under certain Unix OSes) this option should be used with
             caution.

   file:pathname
             the first line of pathname is the password. If the same pathname argument is supplied to -passin and
             -passout arguments then the first line will be used for the input password and the next line for the
             output password. pathname need not refer to a regular file: it could for example refer to a device
             or named pipe.

   fd:number read the password from the file descriptor number. This can be used to send the data via a pipe for
             example.

   stdin     read the password from standard input.

Upvotes: 12

Related Questions