encrypt en decrypt password inside Unix shell script

iKnow-IT banner

If you want to use password in a shell script, and don't want to leave it readable in the script you can do the following:

encrypt your password as follow:

$ echo YourPassword1! | openssl enc -aes-128-cbc -a -salt -pass pass:wtf
U2FsdGVkX1+HK5hgtrq0dK6c9ksvX4/9nIVgfFSe9hU=

to decript the password:

$ echo U2FsdGVkX1+HK5hgtrq0dK6c9ksvX4/9nIVgfFSe9hU= |  openssl enc -aes-128-cbc -a -d -salt -pass pass:wtf 
YourPassword1! 

In your script you can use 

....... -u <user> -p `echo U2FsdGVkX1+HK5hgtrq0dK6c9ksvX4/9nIVgfFSe9hU= | openssl enc -aes-128-cbc -a -d -salt -pass pass:wtf`

or even better leave the hash (encrypted password) in a separate ini / config file like

...... -u <user> -p `cat $configfile | openssl enc -aes-128-cbc -a -d -salt -pass pass:wtf`

This is still not full / hack proof but much better as:

....... -u <user> -p YourPassword1!