Do you write a shell that is encrypted in the production environment? Anyway, I do not, the online environment to see the Bai, feel nothing. In fact, it seems that there are several benefits.
1, simple encryption, to prevent others from looking inside the specific content.
2, can conceal the password in the script and other information. (such as your backup script, which involves issues such as passwords)
It seems to be of some use, probably in two different ways.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The first method (Gzexe):
This type of encryption is not a very safe method, but it can be used for general encryption purposes. It is using the system comes with the Gzexe program, it not only encrypts, simultaneously compresses the file.
How to use: Gzexe file.sh It will be the original unencrypted files back to xx.sh~, while xx.sh is converted into encrypted files;
[Email protected] ~]#./1.sh
Wednesday, August 31, 2016 15:38:45 CST
[Email protected] ~]# Gzexe 1.sh
1.sh:120%
[email protected] ~]# ll 1.sh*
-rwxr-xr-x 1 root root 831 August 15:38 1.sh
-rwxr-xr-x 1 root root 5 August 15:30 1.sh~
[email protected] ~]# cat 1.sh~
Date
[Email protected] ~]#
Recommended to use, on the one hand, the system comes with commands, to achieve the purpose, nobody idle crack your script, even if you want to crack, first enter your system again.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The second way SHC
SHC is a professional tool for encrypting shell scripts. its role is to convert the shell script into an executable binary file , this method is also a good solution to the script contains IP, password and so do not want to open the issue.
Package DOWNLOAD Link:
http://www.datsi.fi.upm.es/~frosal/sources/
wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.6.tgz
[Email protected] local]# Tar XF shc-3.8.6.tgz
[Email protected] local]# CD shc-3.8.6
[Email protected] shc-3.8.6]# mkdir-p/usr/local/man/man1
This step is necessary, otherwise the installation process will be error, SHC will install the command into the/usr/local/bin/directory; The help document is stored in the/usr/local/man/man1/directory, if there is no such directory in the system, the installation will be error, you can create this directory and then perform the installation.
[[email protected] shc-3.8.6]# make install
Installing SHC and Shc.1 on/usr/local
want to continue? Yes
Install-c-S shc/usr/local/bin/
Install-c-M 644 shc.1/usr/local/man/man1/
[Email protected] shc-3.8.6]#
Yum Install glibc glibc.i686-y
Usage:
-f Specifies the file to encrypt
[Email protected] ~]# Shc-r-F 1.sh
1.sh.x.c:in function ' chkenv ':
1.sh.x.c:277:warning:cast from pointer to integer of different size
After running, two files are generated, xx.x and xx.x.c. Where xx.x is an executable binary that is encrypted and can be run with./xx.x, XX.X.C is the original file (c) that generated the xx.x.
[email protected] ~]# ll 1.sh*
-rwxr-xr-x 1 root root 831 August 15:38 1.sh
-rwxr-xr-x 1 root root 5 August 15:30 1.sh~
-rwx--x--x 1 root root 12656 August 16:04 1.sh.x
-rw-r--r--1 root root 14001 August 16:04 1.sh.x.c
[Email protected] ~]#
Not recommended, need to be installed separately management, more trouble. If the security requirements are very high, it is possible to parameter.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This article is from the "[email protected]" blog, please be sure to keep this source http://renzhiyuan.blog.51cto.com/10433137/1844814
Shell Script Encryption Notes!