[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

PGP in a CGI script (was Re: Mysql)

To: Linux Users Group Delhi <linux-delhi@xxxxxxxxxxxxxxxxxxxxx>
Subject: PGP in a CGI script (was Re: Mysql)
From: Anmol Khirbat <anmol@xxxxxxxxxxx>
Date: Thu, 8 Mar 2001 11:01:31 -0800 (PST)
In-reply-to: <20010308235849.B1948@bigfoot.com>

On Thu, 8 Mar 2001, Sandip Bhattacharya wrote:

> On Thu, Mar 08, 2001 at 11:17:28PM +0530, Raju Mathur merrily said:
> > Create a PGP keypair for each user.  Now encrypt the MySQL password
> > using all the public keys of all the users.  Let each secret key have
> > the users password as pass phrase.  When a user logs in, use the
> > password s/he's supplied to unlock the corresponding secret key, and
> > use that to decrypt the MySQL password.  Voila!  no passwords embedded
> 
> Just one Q. How can you specify the password for the private key from
> the commandline? Isn't this the only way we can automate it from a
> CGI? 

1. I believe there are various PGP perl modules. Other programming
languages may have PGP interfaces too.

2. You could use expect.

3. You could cobble together something with gpg and its --passphrase-fd
option.

4. You could hack gpg to include a --passphrase option ;-)

bye :)
Anmol

References:
- Re: Mysql
  - From: Sandip Bhattacharya

Prev by Subject: Pakaj Kaushal and All
Next by Subject: pppd daemon died upexpectedly
Previous by thread: Re: Mysql
Next by thread: Re: Mysql
Index(es):
- Subject
- Thread