John Summerfield wrote:
lanas wrote:
Folks,
I'd like to automate periodic backups to an encrypted drive. The
drive is in fact a removable USB drive. It's fairly easy, if needed,
to write a Perl script that would use expect and feed the password
needed to mount the encrypted drive but, is there any way to prevent
using a plain text password in any kind of script whatsoever ? I'm
using dm-crypt, but I could change to another encryption mechanism.
I don't understand what you want to do. Can you expand?
I'm not much help in this area but I think the OPs issue is having a
script with an embedded password. If the script has to sudo or su to
the correct environment to mount the drive and/or perform the backup to
a drive with the encryption scheme the password would be in plain text
and therefore compromised.
Is there any way in which running this as a user cron job might be
useful? Could cron start a job as a user with the proper access rights?
I've said more than I know, I'll bow out now.
~~R