LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-11-2010, 05:53 AM   #1
Jerry Mcguire
Member
 
Registered: Jul 2009
Location: Hong Kong SAR
Distribution: RedHat, Fedora
Posts: 156

Rep: Reputation: 19
Automate ftp session without bare password being seen


Hi all,

I need to ftp some files nightly from my linux box to an arbituary ftp server not controlled by me.

The ftp server admin has granted me an account for the purpose, but do not wish me to store the plain username or password in any script files for security reasons. How can I do that?

the wrong way would be:
Code:
$ cat my_script
open server_address
user plane_ftp_username plane_ftp_password
put a.txt
put b.txt
bye

$ ftp -inv < my_script > my_log &
Thank you.

p.s.
I could request the ftp username of my choice though.

Last edited by Jerry Mcguire; 03-11-2010 at 06:04 AM. Reason: p.s.
 
Old 03-11-2010, 05:59 AM   #2
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 249Reputation: 249Reputation: 249
If you chmod your script 700 then only you can read it or execute it.

FTP passes the username and password in plain text anyway.
Better off using scp.
 
Old 03-11-2010, 06:04 AM   #3
sohail0399
Member
 
Registered: Oct 2008
Location: Pakistan, Islamabad
Distribution: CentOS, Fedora, Solaris
Posts: 154

Rep: Reputation: 23
there is a solution which is scp and key based authentication


first you have to generate public keys

using command:
ssh-keygen

key geneterd would be at
~/.ssh/

than you have to copy your public keys to that systems

and save your keys at remote machine:
~/.ssh/authorized_keys

then verify it by ssh username@IP_Address
it will not ask for password

then you can use command to copy data
scp file.txt username@IP_address:


first test all this things then you can also set cron job.
 
Old 03-11-2010, 06:06 AM   #4
vinaytp
Member
 
Registered: Apr 2009
Location: Bengaluru, India
Distribution: RHEL 5.4, 6.0, Ubuntu 10.04
Posts: 704

Rep: Reputation: 55
Hi Jerry Mcguire,

I agree SSH better implements this, as said by sohail0399.

If you have only access to ftp then here are few tips to you.

Apart from 700 permission, you may use encryption before you open and write that file in vi.

Open the file this way
Code:
vi -x my_script
It prompts you to enter an encryption key. Next time to open the file you have to provide this key to view and change the contents of the file.

This is just a way to protect your file. But the data will be sent unencrypted in the network

Last edited by vinaytp; 03-11-2010 at 06:11 AM.
 
Old 03-11-2010, 07:08 AM   #5
jamescondron
Member
 
Registered: Jul 2007
Location: Scunthorpe, UK
Distribution: Ubuntu 8.10; Gentoo; Debian Lenny
Posts: 961

Rep: Reputation: 69
May I ask, how would the admin know if you saved the passwords or not?
 
Old 03-11-2010, 08:22 AM   #6
smoker
Senior Member
 
Registered: Oct 2004
Distribution: Fedora Core 4, 12, 13, 14, 15, 17
Posts: 2,279

Rep: Reputation: 249Reputation: 249Reputation: 249
Quote:
Originally Posted by vinaytp View Post
Hi Jerry Mcguire,

I agree SSH better implements this, as said by sohail0399.

If you have only access to ftp then here are few tips to you.

Apart from 700 permission, you may use encryption before you open and write that file in vi.

Open the file this way
Code:
vi -x my_script
It prompts you to enter an encryption key. Next time to open the file you have to provide this key to view and change the contents of the file.

This is just a way to protect your file. But the data will be sent unencrypted in the network
Can you run an encrypted shell script ?
 
Old 03-11-2010, 08:42 AM   #7
vinaytp
Member
 
Registered: Apr 2009
Location: Bengaluru, India
Distribution: RHEL 5.4, 6.0, Ubuntu 10.04
Posts: 704

Rep: Reputation: 55
Quote:
Originally Posted by smoker View Post
Can you run an encrypted shell script ?
Ahhh, I did not notice this. It is not possible. I just thought of hiding the password.
 
Old 03-11-2010, 08:42 PM   #8
Jerry Mcguire
Member
 
Registered: Jul 2009
Location: Hong Kong SAR
Distribution: RedHat, Fedora
Posts: 156

Original Poster
Rep: Reputation: 19
Not solved yet.

Storing the password in plain text is prohibited by company policy.

Quote:
copy your public keys to that systems and save your keys at remote machine:
~/.ssh/authorized_keys
won't work neither. The other party is not Unix/Linux, possibly Windows. I do not have control over the ftp server, remember?

Quote:
FTP passes the username and password in plain text anyway.
That's right. Glad the big guys don't read our forum. Shh!!... or we will be the next waves of trouble.
 
Old 03-12-2010, 12:42 AM   #9
sohail0399
Member
 
Registered: Oct 2008
Location: Pakistan, Islamabad
Distribution: CentOS, Fedora, Solaris
Posts: 154

Rep: Reputation: 23
ok fine

if you want use only script of FTP then you can also save the password in the script and
encryption is also possible, i have used it for telnet script

i have also tested "vi -x my_script"
its encrypted the file but script can not be run so

may be this would helpful to you check this link:

http://www.linuxsecurity.com/content...117920/49/1/1/
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Automate FTP / Scripting FTP Transfers files from linux to windows m/c ashishshukla Programming 5 05-26-2016 10:10 AM
Shell Script Commands to Automate Server or Host Telnet Login Session jakesjohn Linux - Software 4 02-09-2010 12:32 AM
Shell Script Commands to Automate Server or Host Telnet Login Session jakesjohn Linux - General 2 02-09-2010 12:28 AM
Automate FTP session using Shell Script kalyanofb Programming 2 04-07-2007 09:44 AM
LXer: Speaking Unix, Part 6: Automate, automate, automate! LXer Syndicated Linux News 0 01-04-2007 10:54 AM


All times are GMT -5. The time now is 05:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration