Re: Automating FTP transfers

---

• From: Tony Summers <tony.summers@xxxxxxxxxxxxxxxxxxxxxx>
• Date: Thu, 19 Jan 2006 11:04:55 -0000

---

As stated before, the passwords is added to the script just before it
is used. The script is generated as a session temporary file and the
users don't have access to CI commands.

Only the system admin and development teams have read access to the
configuration file.

-----Original Message-----
From: HP-3000 Systems Discussion [mailto:HP3000-L@xxxxxxxxxxxxx] On
Behalf Of donna garverick
Sent: 18 January 2006 23:31
To: HP3000-L@xxxxxxxxxxxxx
Subject: Re: [HP3000-L] Automating FTP transfers

--- Greg Stigers <gregstigers@xxxxxxxxxxx> wrote:

> Don't embed passwords in scripts, unless you are quite sure that no
> one can read, write or run the script or read its output. And when can

> you be sure of that? And when and how will you change the password for

> your ftp user?

i kinda thought i'd let him deal with one problem at a time :-)

but both you and art are absolutely right -- do not hardcode passwords!!

which opens a whole new can o'worms....

pre-sarox, a certain princess strongly advocated the use of .netrc
files. but many shops now are not allowed to use .netrc files (but our
princess still likes the concept....). about the only other alternative
left (because rcopy get ix-nayed by sarox too) is sftp.

speaking of sftp....is there a status for sftp on mpe? - d

Donna Garverick, HP-CSA Sr. System Programmer
dgarverick -at- longs -dot- com
925-210-6631 Longs Drug Stores

Come, my friends, 'Tis not too late to seek a newer world.
Tho' much is taken, much abides; and tho'
We are not now that strength which in old days Moved earth and heaven,
that which we are, we are.
"Ulysses", A. Tennyson

>>>MY opinions, not Longs Drug Stores'<<<

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________


The contents of this email are confidential to the intended recipient
and may not be disclosed. Although it is believed that this email and
any attachments are virus free, it is the responsibility of the recipient to confirm this.

Smith & Williamson Corporate Finance Limited - A member of the London Stock Exchange.
A member of M&A International Inc. http://www.mergers.net Registered in England No. 4533970. Authorised and regulated by the Financial Services Authority
Smith & Williamson Investment Management Limited, Registered No. 976145. Authorised and regulated by the Financial Services Authority.
Smith & Williamson Pension Consultancy Limited - Independent Intermediary. Registered No. 3133226. Authorised and regulated by the Financial Services Authority.
Smith & Williamson Fund Administration Limited, Registered No. 1934644. Authorised and regulated by the Financial Services Authority.
Smith & Williamson Limited - A member of Nexia International. Registered in England No. 4534022. Regulated by the Institute of Chartered Accountants in England & Wales for a range of investment business activities.
NCL Investments Limited, Registered No. 1913794.
Member of the London Stock Exchange authorised and regulated by the Financial Services Authority.

Registered Office: 25 Moorgate, London EC2R 6AY
Telephone: 020 7131 4000 http://www.smith.williamson.co.uk

Nexia Audit Limited - A member of Nexia International. Registered in
England No. 4469576. Registered to carry on audit work and regulated by the Institute of Chartered Accountants in England & Wales for a range of investment business activities.

Registered Office: 25 Moorgate, London EC2R 6AY
Telephone: 020 7131 4000 http://www.nexiaaudit.co.uk


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

.

---

• Prev by Date: Re: FW: Automating FTP transfers
• Next by Date: Re: OT: The Century Ahead
• Previous by thread: Re: FW: Automating FTP transfers
• Next by thread: New NIC: Why Printers Connecting Under Old NIC?
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: Local Admins ... Write a Perl script to handle it. ... change the passwords of local admins, ... when any new member is added to one of these groups. ... when someone in our group questioned whether we'd be sending passwords ... (Focus-Microsoft) Re: Send notification before PWDs expire ... built-in notification for PWDs expiration, ... interested in something like “Lots of people have taken the script and run ... make this deployment successful in a production environment. ... Finding the expiring passwords is not that big of a deal. ... (microsoft.public.windows.server.active_directory) Re: Problem running a script ... I thought of that but when I imported the users I assigned them all passwords ... ' UserAccountControl .vbs ... ' The heart of this script - Enable users ... how do I determine which part of domain policy is stopping ... (microsoft.public.windows.server.active_directory) Re: Complex Password Scripting ... Greg wrote: ... I have the script for modifying all passwords in the OU to the same password. ... 'objUser.SetPassword strPass ... (microsoft.public.windows.server.scripting)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)