This software provides a simple way to read/create the contents of the .irodsA files that are used by iRODS. The read functionality may be useful if you need to reclaim a lost password from an .irodsA file. The create functionality could be helpful if you need to write the contents of an .irodsA file without having iinit.

The best use of these utilities however is to serve as a reminder that .irodsA files are insecure: they should not be left lying around with the wrong privileges!

The (arguably strange...) function that does the obfuscation is [provided in the iRODS repository] (https://github.com/irods/irods/blob/a1db0f5defa9a34f72be3be1e4f8ae24965f9187/scripts/irods/password_obfuscation.py) - this script just puts a more easily usable wrapper around it.

• Python 2.7.
• A clone of this repository. Use the --recursive flag to also download the iRODS submodule.

Do not unobfuscate .irodsA files if you do not have the permission of the owner to do so!

To unobfuscate, use the convenience script unobfuscate.sh. To see all options, use --help.

Example using file location:

$ ./unobfuscate.sh --uid 123 example/.irodsA
examplePassword

Example using stdin:

$ echo ".%+90ze*M08E8(#028LED2" | ./unobfuscate.sh --uid 123 -
examplePassword

To obfuscate, use the convenience script obfuscate.sh. To see all options, use --help.

Example using stdin:

$ echo "examplePassword" | ./obfuscate.sh --uid 123 --mtime 123 -
.%+90ze*M08E8(#028LED2

Example using interactive input:

$ ./obfuscate.sh -i --uid 123
iRODS password to obfuscate:
.%+90ze*M08E8(#028LED2

Note: if uid (a "salt") is not given, one is generated based on the value returned by Python's os.getuid(). The same uid is required to decode passwords.