Hi,
I would like to use the libssh2 library to automatically exec several
programs on remote machines. One of the arguments of these programs is a
password for a database connection. I intend to use an SSH agent to
automatically connect to the remote machines but I have to encrypt the
password so that users on remote machines can't see it. I can modify the
remote programs to decrypt the password.
Since I have already a private / public key pair with SSH, I wonder if it's
possible to encrypt the password with the SSH public key and, within the
remote programs, to decrypt the encrypted password with the SSH private key.
I have looked the libssh2 documentation and it seems to me that there is no
function to do this. Is there a way to do it with the libssh2 library ?
Otherwise, I can generate a key of my own, use the libssh2 scp functions to
copy it on the remote machines, encrypt the password and exec the commands.
The remote programs use the key to decrypt the password, then connect to the
database. Of course, the key would be in a file only readable by the SSH
user.
Do you think there is a better way to do this ?
Thanks,
J. B.
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-10-16