Julie,
Their security people (if sufficiently paranoid) may object to that, even. I've run into that before.
Respectfully,
Ralph D. Wilson II
Senior Programmer Analyst
Information Technology Department
9311 San Pedro Suite 600
San Antonio TX 78216
(800) 527-0066 x7368
(210) 321-7368 (direct)
[EMAIL PROTECTED]
| "Julie Junod"
<[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 09/18/2006 12:05 PM
|
|
You can save the username/password in a site profile and reference the site profile from the script.
http://support.ipswitch.com/kb/WS-20020520-DM02.htm
Thanks,
Julie
-----Original Message-----
From: "Bob Woodward" <[EMAIL PROTECTED]>
Sent 9/18/2006 12:59:02 PM
To: [email protected]
Subject: RE: [WS_FTP Forum] How to script for FTP SSL without putting USER
ID/Password inside the script
I don’t know how you’re going to do this, otherwise. If you think about it, you’re asking for a way to get to your files without providing any form of authentication. Even if someone comes up with a method to pipe in a user id and password, it’s still going to have to be stored on disk. Either you’re going to have to require someone to manually type in a password, at a minimum, or you have to somehow store the information.
You might be able to further restrict access to the script, itself, by making it hidden and/or only readable by whatever user id you are running it from.
To provide an automated method of getting your files, you’re going to have to provide the information somehow. I really think your best solution is the one I suggested. If Security won’t buy off on a tightly controlled user, you’re pretty much stuck with a manual process.
Good luck.
BobW
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al Yasrebi
Sent: Monday, September 18, 2006 8:40 AM
To: [email protected]
Subject: RE: [WS_FTP Forum] How to script for FTP SSL without putting
USER ID/Password inside the script
Thanks Bob,
But even I do this I still need to put the user id and password in the script. The problem is that our Security department’s requirements prohibit us from doing so.
So I still should find a way to have the authentication and authorization be done outside of the script.
Thanks
Al
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bob Woodward
Sent: Monday, September 18, 2006 11:33 AM
To: [email protected]
Subject: RE: [WS_FTP Forum] How to script for FTP SSL without putting
USER ID/Password inside the script
As a suggestion to consider, set up an ftp user that you’ve stripped all rights from with the exception of read rights to the one directory where your files will be. This way you’ll limit your exposure through the user in case anyone stumbles across it. That should make it pretty much a moot point for the UID and Password to be in the script.
BobW
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al Yasrebi
Sent: Monday, September 18, 2006 8:12 AM
To: [email protected]
Subject: [WS_FTP Forum] How to script for FTP SSL without putting USER
ID/Password inside the script
Environment
Server: WS_FTP
Client: WS_FTP Pro 2007
Problem: I need to schedule to run a script 4 times a day, 5 days a week under FTP/SSL mode.
I already created a simple script in regular FTP mode which I scripted the user id and password and then I connect and download my files.
I created 4 schedules to run this script 4 times a day 5 days a week and it works fine.
The problem I have is this:
When we go live to work with FTP/SSL mode, I will need to make sure that my script does not have the user id and password in it but yet still connects securely and download files. The sample I found from the IPSWITCH website is still passing the user id and password (http://support.ipswitch.com/kb/WS-20010110-DM01.htm)
This is their example:
TRACE SCREEN
LOG SCREEN
USER user name
PASS password
SSL 1
CONNECT xxx.xxx.xxx.xxx
How can I omit the User ID and Password from this script?
Thanks
Al
This electronic message and all attachments
transmitted with
it may contain confidential and legally
privileged information
belonging to the sender. Please
visit
http://www.fbr.com/ecdisclosures.asp
for important related
disclosures, by either following the
attached hyperlink or
copying and pasting the URL into your
internet browser.
This electronic message and all attachments
transmitted with
it may contain confidential and legally
privileged information
belonging to the sender. Please
visit
http://www.fbr.com/ecdisclosures.asp
for important related
disclosures, by either following the
attached hyperlink or
copying and pasting the URL into your
internet browser.
