469,365 Members | 1,789 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,365 developers. It's quick & easy.

Storing Passwords

I've a number of scripts set up that require a username/password
combination to log in elsewhere. It's gotten to the point where I
need to keep them in a more secure location, instead of just in the
scripts themselves. I did a bit of searching, and haven't come up
with a great way to store passwords using 2-way encryption (I have to
send them as plain text). Has anyone seen anything that fits this
need? I whipped up something using base64 and pickle, to keep them in
a dictionary and at least prevent them from being plain text, but it
seems a bit insecure all the same. Any ideas, much appreciated.

Thanks!

Eric
Aug 20 '08 #1
3 1640
On Tue, 19 Aug 2008 21:44:04 -0400, Eric Wertman wrote:
I've a number of scripts set up that require a username/password
combination to log in elsewhere. It's gotten to the point where I
need to keep them in a more secure location, instead of just in the
scripts themselves. I did a bit of searching, and haven't come up
with a great way to store passwords using 2-way encryption (I have to
send them as plain text). Has anyone seen anything that fits this
need? I whipped up something using base64 and pickle, to keep them in
a dictionary and at least prevent them from being plain text, but it
seems a bit insecure all the same. Any ideas, much appreciated.
Have you checked pyDes?

http://sourceforge.net/projects/pydes/

or

http://www.example-code.com/python/c...TestVector.asp

there is a link to a library called chilkat and it looks like
this library provides some 3des functionality.

HTH.

--
Regards,
Wojtek Walczak,
http://tosh.pl/gminick/
Aug 20 '08 #2
"Eric Wertman" <ew******@gmail.comwrites:
I whipped up something using base64 and pickle, to keep them in
a dictionary and at least prevent them from being plain text, but it
seems a bit insecure all the same. Any ideas, much appreciated.
If you want people other than yourself to be able to run the scripts
without knowing any passwords, or if you want the scripts to work on
an unattended machine, this is traditionally quite a difficult
problem, solved by special purpose hardware in more serious
deployments. If you don't mind requiring a special master passphrase
to access the stored passwords, one approach might be:

- encrypt the passwords under some master key M, derived from a passphrase

- have a background process that holds M in ram, i.e. you start the
process and type the passphrase into it at the start of your work session.
The background process then takes requests from client processes that
are running on the same machine (not over the internet).

- Your scripts connect to the process to access the decrypted
passwords. The background operates over a local socket and
checks that any connecting process is running under your login
credentials. AF_UNIX sockets under Linux support these
operations but I think the standard Python socket module
currently doesn't implement them. I sort of remember seeing a
patch in the bug tracker for the purpose, but maybe I'm thinking
wishfully.

The ssh-agent program (part of openssh) supports storing a secret key in
a local socket listener. Maybe there is some way to use that program
to get at your passwords. A module for this would make a nice Python recipe.
Aug 21 '08 #3
Paul Rubin <http://ph****@NOSPAM.invalidwrites:
AF_UNIX sockets under Linux support these
operations but I think the standard Python socket module
currently doesn't implement them. I sort of remember seeing a
patch in the bug tracker for the purpose, but maybe I'm thinking
wishfully.
I see now that I have a bookmarked clpy post from Sebastian 'lunar'
Wiesner with this url:

http://pyside.blogspot.com/2007/07/u...th-python.html

I have not gotten around to trying out that approach.
Aug 21 '08 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

2 posts views Thread by Fred Emmott | last post: by
6 posts views Thread by Bartosz Wegrzyn | last post: by
1 post views Thread by Oleg Lebedev | last post: by
4 posts views Thread by Jefferson Cowart | last post: by
4 posts views Thread by VB Programmer | last post: by
3 posts views Thread by Kevin L | last post: by
reply views Thread by scoomey | last post: by
5 posts views Thread by djc | last post: by
13 posts views Thread by =?Utf-8?B?QWRhbSBT?= | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by suresh191 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.