The original contents of the file are known as plaintext or cleartext. We will describe how to use the crypt command here. Note that the crypt command, if available on your system, cannot withstand serious attack.
After we discuss how to use crypt, we will explain why files encrypted using it are vulnerable to attack and why it is not included in Linux. We will also describe replacements for it that can be used for serious encryption. Using crypt To use crypt to encrypt a file, you need to supply an encryption key, either as an argument on the command line, as the response to a prompt, or as an environment variable.
Do not forget the key you use to encrypt a file, because if you do, you cannot recover the file-not even the system administrator will be able to help. The type of encryption used by the crypt command is called private key encryption, since anyone who knows the encryption key can easily find the decryption key In fact, for crypt the encryption key and the decryption key are exactly the same! Later in this chapter we will discuss a different kind of encryption system, known as a public key system, where knowing the encryption key does not provide useful help for decryption.
However, you may want to use the crypt command in this way inside a shell script. The following example shows this use of crypt. The command line. Hiding the Encryption Key When you use crypt with your encryption key as an argument, you are temporarily making yourself vulnerable. This is because someone running the ps command with the -a option will be able to see the command line you issued, which contains the encryption key.
To avoid this vulnerability, you can run crypt without giving it an encryption key When you do this, it will prompt you for the key The string you type as your key is not echoed back to your display Here is an example showing how crypt is run in this way:.
Using an Environment Variable You can also use an environment variable as your key when you encrypt a file with crypt. For instance, you may have the following line in your. Generally, it is not a good idea to use this method because it uses the same key each time you encrypt a file. This makes it easier for an attacker to cryptanalyze your encrypted files.
Also, storing your key in a file makes it vulnerable if an unauthorized user gains access to your. Decrypting Files To decrypt your file, run crypt on the encrypted file using the same key This produces your original file, because the process of decrypting is identical to the process of encrypting.
Make sure you remember the key you used to encrypt a file. Using the -x Editor Option One way to protect a file is to create it using your favorite editor and then encrypt the file using crypt.
To modify it, you first need to decrypt the file using crypt, run your editor, and then encrypt the results using crypt. When you use this procedure, the file is unprotected while being edited, since it is in unencrypted form during this time. To avoid this vulnerability, you can encrypt your files by invoking your editor ed or vi with the -x option.
The system prompts you for your encryption key You have to remember it to be able to read and edit this file. To edit the file, run vi -x and enter the same key when you are prompted. You can read the file using this command:. The Security of crypt Unfortunately, the encryption provided by this command is quite weak; files encrypted using it cannot withstand a serious attack.
The algorithm used by crypt to encrypt files simulates the action of a mechanical encrypting machine known as the Enigma, which was used by Germany during World War II. Files made secret using crypt are vulnerable to attack. For example, tools have been developed by Jim Reeds and Peter Weinberger and publicized in the Bell Laboratories Technical Journal to cryptanalyze files encrypted using crypt.
Privacy Policy. New eBooks. Search Engine. Get up-and-running on UNIX quickly, use the command shell and desktop, and access the Internet and e-mail. You'll also learn to administer systems and networks, develop applications, and secure your UNIX environment.
It steps you through the various phases of the migration process, using detailed case studies to illustrate the benefits, costs, and requirements associated with a migration project. Electronic Mail revised Chapter 9. Processes and Scheduling revised Chapter Security and Authentication revised Chapter Basic System Administration revised Chapter Clients and Servers revised Chapter Administering the Network revised Chapter Filters and Utilities revised Chapter Shell Programming revised Chapter Perl revised Chapter Python and PHP new Chapter Developing Applications revised Chapter Databases new Chapter Rosen , Douglas A.
0コメント