Python哈希密码可在其他脚本中使用?
[英]Python hashed password to use in different script?
问题描述
OK, i was unable to find this same question anywhere.. So i apologize in advance if this has been asked before. 
好吧,我在任何地方都找不到相同的问题。
My need is to have a script ssh into other devices at different times, to do this I need to store a password. 我需要在不同时间将脚本ssh插入其他设备,为此,我需要存储密码。 I don't want to use plain text or base64, but I would be OK with hashing the password and I have no issue doing that. 我不想使用纯文本或base64,但是我可以对密码进行哈希处理,并且这样做没有问题。 The issue is I don't know how to get the hash to be sent to the devices as a password. 问题是我不知道如何将哈希作为密码发送到设备。 It just sends the hash and the login gets denied. 它只是发送哈希值,登录被拒绝。
This is the hash script that writes to a file: 这是写入文件的哈希脚本:
import getpass, hashlib, os
pwf = open('hashes.txt', 'w')
password = getpass.getpass()
hashpass = hashlib.sha256(password).hexdigest()
pfw.write(hashpass)
This is the 2nd script that I can pull the hash out of the file, but its still a hash. 这是我可以将哈希值从文件中拉出的第二个脚本,但它仍然是哈希值。
hashes = open('hashes.txt', 'r')
for pw in hashes:
passwrd = pw.strip()
password = passwrd
Thats all fine and dandy, but the I cant login with the hash.. Im sure im doing something fundamentally wrong here. 一切都很好,但我无法用哈希登录。。我确定我在这里做的根本是错误的。 please let me know. 请告诉我。
Also i left out the other ssh code as I didnt think it was relevent. 我也忽略了其他的ssh代码,因为我不认为这是相关的。
1 个解决方案
解决方案1
1 2014-12-31 20:40:40
The entire point of a cryptographic hash is that it isn't feasible to reverse it into the original password. 加密散列的全部要点是,将其还原为原始密码是不可行的。 If you need to send the actual password, a hash will not work for you; 如果您需要发送实际的密码,则哈希对您不起作用; you'd need to use an actual encryption algorithm - but then you run into a similar problem of how you store the encryption key you're using to store the password. 您需要使用实际的加密算法-但随后遇到了类似的问题,即如何存储用于存储密码的加密密钥。
Either way you need a way of securely storing data on your local system that other unauthorized users can't access. 无论哪种方式,都需要一种将数据安全地存储在本地系统上的方式,而其他未经授权的用户则无法访问这些数据。 Typically this is done by using key-based ssh authentication and storing the key with permissions that make it inaccessible to other users. 通常,这是通过使用基于密钥的ssh身份验证并将密钥存储在其他用户无法访问的权限中来完成的。 This essentially skips the unnecessary step of encrypting/decrypting a password and instead just uses the encryption key as the authentication mechanism for ssh. 这实质上跳过了不必要的加密/解密密码步骤,而只是将加密密钥用作ssh的身份验证机制。
Note that there exist Python libraries that are designed for the kind of task you're doing ( ssh ing to remote systems and running commands automatically) - fabric is one of them. 请注意,有一些Python库是为您正在执行的任务而设计的(将其ssh远程系统并自动运行命令) fabric是其中之一。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.