Search code examples
bashcurlftpshsecure-coding

How to encrypt curl command to secure server password?

I need to secure the server login and password.

I have a Bash script and to work I have to run it on third-party services. The script contains a curl command with a login and password to transfer data to my server.

curl -T filedata.txt ftp://login:[email protected]/

How can I secure storing my password in open source? Can curl be encrypted in Bash?

Are there other ways to transfer files to the server for work in the UBUNTU terminal?

Solution

  • Using a SSH key is a good way of accessing a Linux server without using a password,

    Requirements 1.Your destination server should have ssh enabled You should have generated public and private ssh keys (just use the command ssh-keygen -t rsa) 2. You should have a user account and password on the server. Even root account will do. 3. You should know the IP address of the server

    Method 1: Copy the key to the server

    1. Copy the SSH key to the remote server. ssh-copy-id -i ~/.ssh/id_rsa.pub YOUR_USER_NAME@IP_ADDRESS_OF_THE_SERVER by logging in with the username and password

    Method 2: If the server does not have username and password authentication and only allows SSH public key authentication.

    You can ask the end user to provide her/his public key. Now what you can do is to create .ssh/authorized_keys directory and then copy the public key here.

    1. Get the public key

    Ask the end user to provide the public key by typing the following command:

    cat ~/.ssh/id_rsa.pub It will show a long random string starting with ssh-rsa:

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ3GIJzTX7J6zsCrywcjAM/7Kq3O9ZIvDw2OFOSXAFVqilSFNkHlefm1iMtPeqsIBp2t9cbGUf55xNDULz/bD/4BCV43yZ5lh0cUYuXALg9NI29ui7PEGReXjSpNwUD6ceN/78YOK41KAcecq+SS0bJ4b4amKZIJG3JWm49NWvoo0hdM71sblF956IXY3cRLcTjPlQ84mChKL1X7+D645c7O4Z1N3KtL7l5nVKSG81ejkeZsGFzJFNqvr5DuHdDL5FAudW23me3BDmrM9ifUmt1a00mWci/1qUlaVFft085yvVq7KZbF2OP2NQACUkwfwh+iSTP username@hostname

    You can get this text via email or messaging tools. Normally, it shouldn’t be a problem.

    1. Create ssh directory in the user’s home directory (as a sysadmin)

    Keep in mind that you have to create these new directories and files in the end user’s home directory, not on your own (root/sysadmin).

    mkdir -p /home/user_name/.ssh && touch /home/user_name/.ssh/authorized_keys Now open this /home/user_name/.ssh/authorized_keys file with a text editor and add the public key of the user here:

    vim /home/user_name/.ssh/authorized_keys Save and close the file. It’s almost ready.

    1. Set appropriate permission to the file

    Having appropriate file permission on the ssh file is very important otherwise you’ll see errors like Permission denied (publickey).

    First, make sure to set the correct file permissions:

    chmod 700 /home/user_name/.ssh && chmod 600 /home/user_name/.ssh/authorized_keys You created those file with either root or your own admin accounts for some other user. You need to change the ownership to the user:

    chown -R username:username /home/username/.ssh