use a better authentication method.
i'm using PostgreSQL with KerberosV5 authentication.
package KrbKey;
use base 'Class::DBI';
__PACKAGE__->set_db('Main',
'dbi:Pg:dbname=krbkey;host=dbserver.sub.dom' # no user/password
);
__PACKAGE__->table('krpass');
__PACKAGE__->columns(All => qw( passkey passval ));
1;
#!/usr/bin/perl
use strict;
use warnings;
use KrbKey;
sub lookup {
my $key = shift;
my $pw = KrbKey->retrieve($key);
return $pw->passval;
}
if (@ARGV) {
my @pw = map {lookup($_)} @ARGV;
print join $/, @pw, '';
} else {
print join $/, map({$_->id} KrbKey->retrieve_all), '';
}
without a valid principal...
$ getpw
Failure while doing '' with '_filter_retrieve_all in KrbKey'
Ima::DBI->connect(dbname=krbkey;host=dbserver.sub.dom) failed: Kerbero
+s 5 authentication failed at /opt/network/bin/getpw line 17
at /opt/network/bin/getpw line 17
and with...
$ kinit
Password for me@SUB.DOM:
$ getpw
cisco.console
cisco.enable
snmp.ro
snmp.rw
there's also the possibility of using SSL and Certificates for authentication (i think even MySQL can do SSL auth)
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.