how about one way hashes or digital keys which is based on my machine.
i just read this stuff on internet and dont know how to use or create
them. looking for ideas.
Nope, a one-way-hash is "one way". Meaning you can go from cleartext
to hash, but not back to cleartext.
Encrypting the passwords with AES or RSA or something like that won't
help either, because your script need the key to decrypt the password.
That means either hard coding it (not secure) or making it readable
to the script in another way. I'm going to assume if the attacker can
read the script, then they can read the key.
If your attack vector is merely that you want to put your script up on
github and you're not worried about people hacking your computer, then
just put the username/password in an environment variable, database or
other file and access that from your script. But if someone can hack
your computer and read the script, then chances are they'll be able to
read the environment variable, database or other file, etc.
--=20
Aaron Turner
http://synfin.net/=A0 =A0 =A0 =A0=A0 Twitter: @synfinatic
http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Win=
dows
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety.
=A0 =A0 -- Benjamin Franklin
"carpe diem quam minimum credula postero"