Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

Hiding password for FTP in a script

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting Hiding password for FTP in a script
# 1  
Old 10-24-2008
Hiding password for FTP in a script
Hi,

I have a simple script to ftp from unix to a mainframe to get and put files. Currently I have the password setup in a VARS file and dereference the var in my script. Doing it this way allws me to change the password in only one place but it is still viewable for many people. Is there any other way to hide the password for the ftp command?

Thank you!
# 2  
Old 10-24-2008
Hammer & Screwdriver There are 'hiding' steps you could take
These could be understood by anyone capable of reading the execution script - they would see the way you determine the true password.

Code:
> echo $var3
3jklomnepq
> pwd=$(echo $var3 | cut -c2,5,8)
> echo $pwd
joe

And there are ways to build upon something like this - to take that first digit and understand it as the offset. I sort of did that here with the first digit being 3 and then taking character 2, then character 5 (2+3), then character 8 (5+3). I just forced the math rather than adding a couple commands to have the cut know what positions to cut.
# 3  
Old 10-24-2008
Hi Joey,

Thanks for the reply. In your example people will still be able to go to the VARS file and see the password. Are there any FTP specific param files that the password could be put it that would make it harder to find? In my internet search I saw some code use $PASSWORD$ but it was not explained.

Thanks again!
# 4  
Old 10-24-2008
Is sftp an option? If you use sftp you can just exchange keys and never have to worry about the password being viewable...
# 5  
Old 10-24-2008
Hi sethcoop,

I do believe that sftp is available. How would I assign the keys?

Thank you
# 6  
Old 10-24-2008
Generate your keys with the command "ssh-keygen".. take all default values... you will see the following and it will create two files for you... the public and private keys...

Code:
sethcoop@burn:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/sethcoop/.ssh/id_rsa):
Created directory '/home/sethcoop/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/sethcoop/.ssh/id_rsa.
Your public key has been saved in /home/sethcoop/.ssh/id_rsa.pub.
The key fingerprint is:
3c:58:48:6b:9e:9c:c3:72:1b:8f:a9:f8:a5:c4:31:29 sethcoop@burn
sethcoop@burn:~$ cd .ssh
sethcoop@burn:~/.ssh$ ls -al
total 16
drwx------ 2 sethcoop sethcoop 4096 2008-10-24 12:16 .
drwxr-xr-x 3 sethcoop sethcoop 4096 2008-10-24 12:15 ..
-rw------- 1 sethcoop sethcoop 1671 2008-10-24 12:16 id_rsa
-rw-r--r-- 1 sethcoop sethcoop  411 2008-10-24 12:16 id_rsa.pub
sethcoop@burn:~/.ssh$

now you can take the contents of the id_rsa.pub file and add it to the /home/userid/.ssh/authorized_keys file on the remote server.

Watch out for you permissions because they have to be correct.. ie (your home directory can only be user writable the .ssh direcotry should have 700 permissions and the authorized_keys file should have 600 permissions).

when you have the public key shared the you can type in
Code:
$ sftp userid@remotehost

and it will log you in...

hope this works... let us know if you have any troubles.
# 7  
Old 10-24-2008
I just found out that we do not have SFTP on the mainframe systems I need to go to.

Thanks for your help.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Password hiding in UNIX

Hi guys, I use STTY command to make the password invisible. Now I need to write the password into another file pwd.txt, but in an invisible manner, something like ******. Another thing is to when I echo the content of pwd.txt I get the password I actually typed. Thanks guys. Help me out. (5 Replies)
Discussion started by: mohanalakshmi
5 Replies

2. Shell Programming and Scripting

Automated FTP without plaintext user/password in script

hi , i am a still beginner in unix and specially in ftp i've written this script but my admin asked me that he don't want to see in my ftp neither user neither password , so i've created .netrc file where in it i've put machine name , user and pass but still included in my script , so if someone... (19 Replies)
Discussion started by: semaan
19 Replies

3. Shell Programming and Scripting

How: FTP in shell Script without asking password.

Hi In my shell script I am generating one text file and this text file I want to place in Mount point. THis mount point is havig access to Windows. I want to put the file in this mount point by using FTP rather normal cp or mv command from my shell script. This is in order to prevent... (5 Replies)
Discussion started by: shekharjchandra
5 Replies

4. Shell Programming and Scripting

Remote call not hiding password fields

Not sure on the description, but here is a quick rundown. I have 2 servers, we'll call them serverA serverB On serverB, I am calling a script that inside it has the following: ssh srvdsadm@serverB sudo -u dsadm /opt/apps/DataStage/scripts/autoDeploy.sh ${projName} ${subProjVar}... (1 Reply)
Discussion started by: cbo0485
1 Replies

5. Shell Programming and Scripting

Scripting help/advise on hiding/masking username/password

Hi, I currently have a UNIX script with a function that uses a username and password to connect to the database, retrieve some information and then exit. At the moment, am getting the username and password from a hidden plain text file and permission set to -r--------, i.e. read only to who... (1 Reply)
Discussion started by: newbie_01
1 Replies

6. UNIX for Dummies Questions & Answers

New Approach Hiding login password from ps -ef

Hello all , I looked up this site for solutions to hide login info from ps -ef | grep like using a seperate file and store the password in that especially for oracle sqlplus scripts. I just got this thought , But dont know how to implement this in UNIX. Is there a way to revoke access from... (17 Replies)
Discussion started by: simonsimon
17 Replies

7. UNIX for Dummies Questions & Answers

Hiding Password

Hello. A bit of a puzzle here: I have a 3rd party executable, which requires the following parameters: parm1 = program_name, parm2=userid/password, parm3=additional flags. We tried passing password as a variable, but you can do grep, and see what the password actually is I found a bit... (2 Replies)
Discussion started by: Kishinevetz
2 Replies

8. Shell Programming and Scripting

FTP Script with hidden login name and Password

hi, i need a method to hide the login name and password ....during FTP ....in the script.. thnks (3 Replies)
Discussion started by: scorpiyanz
3 Replies

9. UNIX for Dummies Questions & Answers

Hiding login/password in process!

Hello, I am trying to figure out away to hide a command from users when performing a ps check. I have a ksh that purges a table in a database. If I perform a >ps -eaf |grep ksh, I get the login id and password. I do not want other users seeing this. Is there a way to hide this. The login... (5 Replies)
Discussion started by: ctcuser
5 Replies

10. Shell Programming and Scripting

Hiding password from ps

I'm calling a program with a command line arguement containing a password. while the process is running anyone on the system can ps -ef and see the password. Is there a way to prevent this from happening. example PROGRAM USERNAME/PASSWD I've also tried PROGRAM `cat passfile` ... (7 Replies)
Discussion started by: sudojo
7 Replies
Login or Register to Ask a Question