Centos 7 - Proxy authentication without saving password

0

Is there any way to configure the proxy in the file "/etc/yum.conf" without leaving the password saved in this file? Something like, pass the password by parameter?

Today the password is written to the file as follows:

# HABILITAR PROXY CENTOS 7:
# The proxy server - proxy server:port number
proxy=http://10.10.10.10:3128
# The account details for yum connections
proxy_username=dominio\usuario
proxy_password=123456

The idea is that the password is not saved, thus avoiding a possible security breach in case of use.

Thank you.

    
asked by anonymous 17.04.2018 / 19:10

1 answer

1

Consider simply setting the permissions of yum.conf to 0600 and always running yum as root. Thus, only those who know the root password can read the proxy password in the configuration.

That said, in shell script you can prompt the user for the password and run yum in a context that contains this environment variable. So the confidential information stays in memory only during the process execution:

#!/bin/bash
# yum.pedesenha.sh
read -sp 'Informe o endereço do proxy: ' endereco;
read -sp 'Informe o usuário do proxy: ' usuario;
read -sp 'Informe a senha do proxy: ' senha;
proxy=$endereco proxy_username=$usuario proxy_password=$senha yum "$@";

Run by passing parameters as a% common%:

$ ./yum.pedesenha.sh check-update

Of course, you may just not like the idea of leaving the password in the configuration file, but leave the address and user quiet. Simply remove the lines of yum and the assignments for the environment variables in the last line for the parameters that continue to be set in read .

    
25.04.2018 / 04:40