I've a tinny question, how can I crypt my scripts? I mean, for exemple, sometimes I've some sh scripts (provided by some company like VMWare) and when I VI's it they just show me a crypted file and not a plained text file.
How Can I transform my plained text scripts into an crypted script?
If your purpose is to keep someone from seeing the contents of the script (e.g. the code and how it works) and also be able to run it, there's not really a way to do that. You can use self-extracting and code obfuscation, but in the end someone who really wants to will be able to see the script with only a little extra effort.
There are other reasons to use encryption that may have some utility, but you haven't said what you're trying to do or why so it's difficult to make a recommendation that includes information about limitations and vulnerabilities.
This site seems to have a script that will do what you want:
http://megastep.org/makeself/
From the site:
makeself.sh is a small shell script that generates a self-extractable tar.gz archive from a directory. The resulting file appears as a shell script (many of those have a .run suffix), and can be launched as is. The archive will then uncompress itself to a temporary directory and an optional arbitrary command will be executed (for example an installation script). This is pretty similar to archives generated with WinZip Self-Extractor in the Windows world. Makeself archives also include checksums for integrity self-validation (CRC and/or MD5 checksums).
See the comment about v2.1.5 supporting encryption through gpg.
I think it's called a shell archive, the original being written by James Gosling (inventor of Java).
http://blogs.oracle.com/jag/entry/shar_a_blast_from_the
No, you are looking at a compressed file, not an encrypted file.
The question is a little unclear. If you actually want to encrypt a file, you could use an encryption utility such as bcrypt. It will then no longer work as a shell script, until you decrypt it.
It may be that what you see in vi is compressed data (to be self-extracted and run). There are ways to package shell scripts up in this way. Or.. perhaps you're just looking at binary data from an executable (not a shell script in the first place).
If you want to achieve what I think you want to achieve.. You might be better off doing this with user permissioning (i.e. allow people to execute a given executable, but not read it.. or have some setuid interpreter).
If hiding the script's source code is the goal, you may want to look at shc. Note, I've never actually used this until today. It works, at least for my simple one line script /bin/sh test script.
Otherwise, you can try using gpg to encrypt the script and give each user the password. Basically, you take your finished shell script, then encrypt it to armored ASCII format:
Then you take the resulting "foo.sh.asc" file, then wrap it in another script:
The password is "test1". The encrypted script is:
While I give you my word that my script is safe, don't make a habit of running such scripts from strangers, since you have no reason to trust me and I could potentially do something devious with my encrypted script. :-)
Unfortunately, a sufficiently savvy user will be able to recover the script plain text by simply removing the "| /bin/sh" portion from the script, which will result in the script being dumped to stdout.
In short, if the end user can run the script, it is possible (with enough motivation and skill) to reverse engineer it. Don't place anything of critical importance (such as passwords) into these obfuscated scripts.
To encrypt your script and ensure no one gets to view it, you have two options:
First Option
Encryption with openssl:
Decryption with openssl:
yourscript.dec will be the same as your original script yourscript.sh
Second Option