Encrypt password in create user script

[psychozz]

I’d like to encrypt a password, set it as a variable in a script and then pass the encrypted password to dscl to set a user’s password.

Like this:

[code]
#!/bin/bash

USER=username
PASSWD=encrypted_password_hash

dscl . -passwd /Users/$USER $PASSWD[/code]

Is this possible? I have googled this problem for hours now and have not found anything! I thought people out there where more paranoid 🙂

I have tried setting the output from:
[code]openssl passwd -1[/code]
[code]openssl passwd -1 -salt randomch[/code]
with no luck…

Is there any auth key type in the users record I have to append/set?

[khiltd]

If the script contains the logic necessary to decrypt the password stored within it then it might as well not be encrypted at all.

[tlarkin]

Whenever I need to use a password in a script I always make it self destruct and then purge the logs. I know that keeping passwords in scripts is not considered best practice but all of my scripts that have passwords are typically post image scripts. Then they self destruct and flush the logs.

[Author]

Posts