How to hide username / password when using FTP functions

Re: How to hide username / password when using FTP functions

If the remote host has ssh access, you could setup key-based
authentication and transfer files over ssh:



You could also store the password (or a key to decrypt the password) in
a file that no one else has access to, or supply the password to the
script each time you connect to the remote site.

livefreeordie wrote:

Re: How to hide username / password when using FTP functions


"livefreeor die" <jpittman2@gmai l.comwrote in message
news:1159900665 .186551.50290@c 28g2000cwb.goog legroups.com...if you are trying to hide from your team members then best to take input
from a form and feed those to your script
making an include to another file with the passwords etc won't help if the
perople you are hiding this info from have access to the same directories.

Re: How to hide username / password when using FTP functions

livefreeordie wrote:Encrypt the password and decrypt it just before sending it. Not really
safe; if someone else has access to the encrypted password and the
decrypt code they can easily decrypt it.

Or you could force the user to enter it in a browser.

But there's not a lot you can do to protect passwords when others have
access to the source code, also.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

Re: How to hide username / password when using FTP functions

Zebrawszy mysli livefreeordie <jpittman2@gmai l.comwyklepal:ofc :)

hi, you can store it in plain text, no problem (ofc if some1 has a time he
can broke it but perhaps it will be waste of time)
1. make your own pass for example: $pass = test
2. use js or php function and do that action:

$encryptedPassw ord = 1;

for($i = 0; $i < strlen($pass); $i++)
$encryptedPassw ord *= ord($pass[$i]);

3. you will have big nuber (ofc if you will use more then 3 letters in
password :) )
4. put this number into your file and make form - only password of if you
want pass and username too
5. use same function to convert post data to number
6. try to compare stored password with that what you will have from post

OFC you have to make your passord offline and put it like a CONST or other
static variable in your file

have fun :)


--
~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~
Ikciu | gg: 718845 | www: www.e-irsa.pl

2be || !2be $this =mysql_query();

Re: How to hide username / password when using FTP functions

Johnny wrote:Well this is part of a tool that is run by the user community - it just
access files on another server. I really don't want to make each user
enter another username and password - I want to just use my own
credentials.
Exactly. I've temporarily solved the problem by making the include
file owned by user 'nobody' - under which the web server runs, and
changing the mods to 600 . I have sudo privs to do this -
unfortunately so do other people on the team - so if they really wanted
to , they could get at my pwd. But I'm not entirely sure they would
know how. ;)

We're moving to a new server where the Apache will run under a
dedicated username. When we do that, I can just use its own username &
password since it's known among our web team anyway.