I have a bash script that I would like to obfuscate the best I can (without encrypting it, but I could use a fingerprint reader), and I would like to know a good modern way to do that as of 2024. All references that I’ve found are quite old or unreliable.
I’m the only user of my Linux installation, but I would like to protect my script from malicious software/memory inspection/etc.
What I have done so far is to compile it with the old shc
, and to prevent the script for waiting or running anything but immediate tasks (so hopefully no ps
would see its source code). I have it in my encrypted HOME partition, but of course it is always open if I am working at the computer.
A few years back there was some way of still getting the source code of the original script when compiled with shc
, but I don’t know if shc
still has that vulnerability.
I know there is obash
, but I don’t know if it is better.
Is there a better way today?