[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

Best way to encrypt/decrypt a word

Ruby Student

2/5/2009 7:31:00 PM

[Note: parts of this message were removed to make it a legal post.]

Hello Team,

I have the need to encrypt/decrypt a one word string. The encrypted word
will be saved in a file.
Later the word will be picked-up from the file, decrypt it at execution
time, and use it as a UNIX password to perform certain function that
requires authentication.
What Ruby facility is available for this simple function?

Thank you

--
Ruby Student
8 Answers

Iñaki Baz Castillo

2/5/2009 7:53:00 PM

0

El Jueves, 5 de Febrero de 2009, Ruby Student escribi=C3=B3:
> Hello Team,
>
> I have the need to encrypt/decrypt a one word string. The encrypted word
> will be saved in a file.
> Later the word will be picked-up from the file, decrypt it at execution
> time, and use it as a UNIX password to perform certain function that
> requires authentication.
> What Ruby facility is available for this simple function?

The problem is:
Even if the UNIX password is encrypted by the Ruby programm, if an attacker=
=20
can see the Ruby code it can know how to decrypt it.


=2D-=20
I=C3=B1aki Baz Castillo

Ruby Student

2/5/2009 8:11:00 PM

0

On Thu, Feb 5, 2009 at 2:52 PM, I=F1aki Baz Castillo <ibc@aliax.net> wrote:

> El Jueves, 5 de Febrero de 2009, Ruby Student escribi=F3:
> > Hello Team,
> >
> > I have the need to encrypt/decrypt a one word string. The encrypted wor=
d
> > will be saved in a file.
> > Later the word will be picked-up from the file, decrypt it at execution
> > time, and use it as a UNIX password to perform certain function that
> > requires authentication.
> > What Ruby facility is available for this simple function?
>
> The problem is:
> Even if the UNIX password is encrypted by the Ruby programm, if an attack=
er
> can see the Ruby code it can know how to decrypt it.
>
>
> --
> I=F1aki Baz Castillo
>
>

I=F1aki,
You are correct. However, we are behind several firewalls.
Also, the file with the encripted password will be place within a "secured"
dir.

Thank you

--=20
Ruby Student

Iñaki Baz Castillo

2/5/2009 8:28:00 PM

0

El Jueves, 5 de Febrero de 2009, Ruby Student escribi=C3=B3:
> You are correct. However, we are behind several firewalls.
> Also, the file with the encripted password will be place within a "secure=
d"
> dir.

It seems there are some solutions:

http://snippets.dzone.com/post...
http://snipplr.com/view/3958/encrypting--decrypting-passwords-usin...
o/
http://stuff-things.net/2007/06/11/encrypting-sensitive-data-with-...
ails/
http://groups.google.cl/group/rubyonrails-talk/browse_thread/threa...
d2e2929b2

:)

=2D-=20
I=C3=B1aki Baz Castillo

Daniel Berger

2/5/2009 9:41:00 PM

0



On Feb 5, 12:30=A0pm, Ruby Student <ruby.stud...@gmail.com> wrote:
> Hello Team,
>
> I have the need to encrypt/decrypt a one word string. The encrypted word
> will be saved in a file.
> Later the word will be picked-up from the file, decrypt it at execution
> time, and use it as a UNIX password to perform certain function that
> requires authentication.
> What Ruby facility is available for this simple function?

Rotate the password in the file. Remember the rotation level. And
then...

require 'crypt/rot13'

rotation =3D 4
encrypted_password =3D IO.read(some_file)
password =3D Crypt::Rot13.new(encrypted_password, -rotation)

MWAHAHAHAH!

Hey, you didn't specify the _level_ of encryption. >:)

Regards,

Dan

Petite Abeille

2/5/2009 9:58:00 PM

0


On Feb 5, 2009, at 10:40 PM, Daniel Berger wrote:

> Hey, you didn't specify the _level_ of encryption. >:)

Ah, yes, the famous 2ROT13 encryption algorithm:

http://www.mobikom.at/...

Cheers,

--
PA.
http://alt.textdrive.c...

Eleanor McHugh

2/5/2009 10:48:00 PM

0

On 5 Feb 2009, at 21:58, Petite Abeille wrote:
> On Feb 5, 2009, at 10:40 PM, Daniel Berger wrote:
>> Hey, you didn't specify the _level_ of encryption. >:)
>
> Ah, yes, the famous 2ROT13 encryption algorithm:
>
> http://www.mobikom.at/...

Or at the other extreme use OpenSSL. You'll find RSA and DSA examples
in most of the presentations linked in my sig.
To be honest though, unless it's a long word you're encrypting you
probably shouldn't worry about it.


Ellie

Eleanor McHugh
Games With Brains
http://slides.games-with-...
----
raise ArgumentError unless @reality.responds_to? :reason

Robert Klemme

2/6/2009 1:46:00 PM

0

2009/2/5 Ruby Student <ruby.student@gmail.com>
>
> On Thu, Feb 5, 2009 at 2:52 PM, I=F1aki Baz Castillo <ibc@aliax.net> wrot=
e:
>
> > El Jueves, 5 de Febrero de 2009, Ruby Student escribi=F3:
> > > Hello Team,
> > >
> > > I have the need to encrypt/decrypt a one word string. The encrypted w=
ord
> > > will be saved in a file.
> > > Later the word will be picked-up from the file, decrypt it at executi=
on
> > > time, and use it as a UNIX password to perform certain function that
> > > requires authentication.
> > > What Ruby facility is available for this simple function?
> >
> > The problem is:
> > Even if the UNIX password is encrypted by the Ruby programm, if an atta=
cker
> > can see the Ruby code it can know how to decrypt it.

> You are correct. However, we are behind several firewalls.
> Also, the file with the encripted password will be place within a "secure=
d"
> dir.

Well... I'd rather do something different: set up ssh with ssh-agent
so that you can do automated logins. Not sure whether that works with
Ruby's Net::SSH but you can fork a SSH shell via system or IO.popen.
Of course, in this scenario someone has to enter the passphrase
once...

My 0.02EUR

Kind regards

robert


--
remember.guy do |as, often| as.you_can - without end

Ruby Student

2/6/2009 3:28:00 PM

0

On Fri, Feb 6, 2009 at 8:46 AM, Robert Klemme <shortcutter@googlemail.com>w=
rote:

> 2009/2/5 Ruby Student <ruby.student@gmail.com>
> >
> > On Thu, Feb 5, 2009 at 2:52 PM, I=F1aki Baz Castillo <ibc@aliax.net>
> wrote:
> >
> > > El Jueves, 5 de Febrero de 2009, Ruby Student escribi=F3:
> > > > Hello Team,
> > > >
> > > > I have the need to encrypt/decrypt a one word string. The encrypted
> word
> > > > will be saved in a file.
> > > > Later the word will be picked-up from the file, decrypt it at
> execution
> > > > time, and use it as a UNIX password to perform certain function tha=
t
> > > > requires authentication.
> > > > What Ruby facility is available for this simple function?
> > >
> > > The problem is:
> > > Even if the UNIX password is encrypted by the Ruby programm, if an
> attacker
> > > can see the Ruby code it can know how to decrypt it.
>
> > You are correct. However, we are behind several firewalls.
> > Also, the file with the encripted password will be place within a
> "secured"
> > dir.
>
> Well... I'd rather do something different: set up ssh with ssh-agent
> so that you can do automated logins. Not sure whether that works with
> Ruby's Net::SSH but you can fork a SSH shell via system or IO.popen.
> Of course, in this scenario someone has to enter the passphrase
> once...
>
> My 0.02EUR
>
> Kind regards
>
> robert
>
>
> --
> remember.guy do |as, often| as.you_can - without end
>
>

Actually Robert, your idea might work. Let me give you the background:

We have two AIX (IBM flavor of UNIX) servers, s1 and s2 for argument sake.
s1 is an application server, while s2 is a DB2 server.
There is an SQL utility on s2 which we need to trigger (run), and which
execution will be initiated on s1 via ssh.
The Ruby utility running on s1 will eventually receive a return code from
the SQL utility running on s2 and will take appropriate action based on the
RC.

Now, to execute the SQL utility in the DB2 server, one has to use a
userid/pw which exists on DB2.
We want to encrypt the pw once, which a user will entered, and save it in a
file.
The Ruby utility will read that file and at execution time decipher the pw
and send the request.

We don't want to place an un-encrypted pw in a file, which is why I wanted =
a
cypher/decipher utility.
I found that crypt is one way encryption utility. In other words, I can
cypher but can't decipher with it.

Thanks to everyone for their input so far.

--=20
Ruby Student