JupiterHost.Net wrote: > > > Ken Perl wrote: > >> The password used to access a ftp server is stored in a text file, the >> perl program gets the password from the file, the pass it to the ftp >> server for logon, this is the background. >> The requirement is encrypt the password store in a more secure way, >> and the perl program could still use the encrypted password to logon >> the server. what algorithm should be used in this task? > > > Any Crypt:: modules would help but then the way to unencrypt it is still > in a file. You be better off doing: > > my $password = 'plaintext'; > > chown user:user config.pm > chmod 600 config.pm > > that way only the user can read it so it can safely be in plain text. > > Obscuring it is a lame way to do it because any moron with half sense > can figure out how you unobscure it if they have access to the file anyway. > > Permissions, permission, permissions :) > > HTH :) > Considering it is FTP who cares about permissions too. It is an insecure protocol to begin with, the password is sniffable during transmission anyways, really the words FTP and secure don't belong in a sentence together, unless they are included with the word NOT.
http://danconia.org -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
