Announcement

Collapse
No announcement yet.

How to Crypt an sh script into Linux Environnement?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to Crypt an sh script into Linux Environnement?

    Hello,

    I have a question, how can I crypt my scripts?, for exemple, sometimes I've some sh scripts and when I VI's it they just show me a crypted file and not a plained text file.
    How Can I transform my plained text scripts into an crypted script?

    Thank You

  • #2
    If perhaps hiding the script's source code is the goal, you may want to look at shc. Be aware, I've never actually used this until today. Capabilities, at least for my simple one linprogram /bin/sh test script

    Normally , you can test using gpg to encrypt the script and give each user the password. Basically, you take your finished shell program, then encrypt it to armored ASCII format:

    Code:
    gpg -ca foo.sh
    Then you take the resulting "foo.sh.asc" file, then wrap it in another script:
    cat <<EOF | gpg -d | /bin/sh                                                 
    -----BEGIN PGP MESSAGE-----                                                     
    Version: GnuPG v1.4.10 (FreeBSD)                                                
    
    jA0EAwMCN7iZSx7u9fRgySY/QTWgnwhYs0fSdLhwR0xL0Z1VOk6Lm5Jil06U7XtJ                
    Yl62Gab6kg==                                                                    
    =Yalz
    -----END PGP MESSAGE-----
    Code:
    EOF
    The password is "test1". The encrypted script is:
    echo "foo!"
    "
    While I give you my word that my script is safe, don't make a behavior of running such pieces of software from strangers, as you have no reason to {keep in mind that people and I could {possiblydo something devious with my encrypted script.: -)

    Unfortunately, a sufficiently savvy user will be able to recover the script plain text by simply removing the "| /bin/sh" portion from the script, which will result in the script being dumped to stdout.
    In short, if the end user can run the script, it is possible with enough determination and skill to change it. Don't place anything of critical importance (such as passwords) into these obfuscated scripts.

    Comment

    Working...
    X