[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

PGP in a CGI script (was Re: Mysql)

On Thu, 8 Mar 2001, Sandip Bhattacharya wrote:

> On Thu, Mar 08, 2001 at 11:17:28PM +0530, Raju Mathur merrily said:
> > Create a PGP keypair for each user.  Now encrypt the MySQL password
> > using all the public keys of all the users.  Let each secret key have
> > the users password as pass phrase.  When a user logs in, use the
> > password s/he's supplied to unlock the corresponding secret key, and
> > use that to decrypt the MySQL password.  Voila!  no passwords embedded
> Just one Q. How can you specify the password for the private key from
> the commandline? Isn't this the only way we can automate it from a
> CGI? 

1. I believe there are various PGP perl modules. Other programming
languages may have PGP interfaces too.

2. You could use expect.

3. You could cobble together something with gpg and its --passphrase-fd

4. You could hack gpg to include a --passphrase option ;-)

bye :)