views:

58

answers:

2

I'm building a rails app that communicates with other servers via ftp. The user needs to input their host, username and password for their particular ftp server. I wouldn't want to store their password as cleartext, but I need the actual password to connect to the server when it comes time. Would it make sense to use a two-way hash?

I found a few implementations that might do the job:
http://crypt.rubyforge.org/blowfish.html
http://crypt.rubyforge.org/rijndael.html
http://ezcrypto.rubyforge.org/

Thanks,
Trevor

A: 

Since password is eventually passed to the FTP server as cleartext, any db encryption is a bonus.

Jonathan Julian
A: 

I ended up using attr_encrypted which worked great.

Trevor Hartman