Automate Extended Validation (EV) code signing with SafeNet eToken

Expanding on answers already in this thread, it is possible to provide the token password using the standard signtool program from microsoft. 0. Open SafeNet Client in Advanced View Install paths may vary, but for me the SafeNet client is installed to: C:\Program Files\SafeNet\Authentication\SAC\x64\SACTools.exe Click the gear icon in the upper right to open “advanced … Read more

How can I make an expect script prompt for a password?

Use expect’s stty command like this: # grab the password stty -echo send_user — “Password for $user@$host: ” expect_user -re “(.*)\n” send_user “\n” stty echo set pass $expect_out(1,string) #… later send — “$pass\r” Note that it’s important to call stty -echo before calling send_user — I’m not sure exactly why: I think it’s a timing … Read more

getpasswd functionality in Go?

The following is one of best ways to get it done. First get term package by go get package main import ( “bufio” “fmt” “os” “strings” “syscall” “” ) func main() { username, password, _ := credentials() fmt.Printf(“Username: %s, Password: %s\n”, username, password) } func credentials() (string, string, error) { reader := bufio.NewReader(os.Stdin) fmt.Print(“Enter … Read more

Automate Extended Validation (EV) code signing

There is no way to bypass the login dialog AFAIK, but what you can do is configure the SafeNet Authentication Client so it only asks it once per login session. I quote the SAC doc (found once installed in \ProgramFiles\SafeNet\Authentication\SAC\SACHelp.chm, chapter ‘Client Settings‘, ‘Enabling Client Logon‘) here: When single logon is enabled, users can access … Read more

Why are plain text passwords bad, and how do I convince my boss that his treasured websites are in jeopardy? [closed]

In the military it’s called “Defense in Depth”. The theory is that you harden every layer you can rather than hardening just one layer and hoping it’s enough. I’ve heard databases like yours called “hard on the outside, soft and chewy on the inside”. There are a million ways a dedicated hacker can get access … Read more