How to Protect Your Passwords and Other Strings with FTP Scripting
March 5th, 2014 by Rossy GuideWhat is FTP Scripting
The FTP scripting language consists of a list of file transfer related commands, conditional statements, and loops necessary for initiating, managing, and reporting the status of automated file transfers.
For what it can be used?
FTP scripts enable the automation of file transfers and many other file processing activities. The scripting language is simple yet expressive and provides error checking, conditional execution, looping, list handling, wildcard matching, and variable manipulation. Secure file transfers using both FTPS (SSL/TLS) and SFTP (SSH2) are supported in addition to regular FTP.
Scripts may be executed from the command line, scheduled as one-time/recurring tasks, triggered when the contents of a monitored folder changes, or called from other scripts.
This scripting language provides commands to store and retrieve multiple public and private keys using keyrings, import and export public and private key files, and encrypt and decrypt files using Openpgp.
Benefits of FTP Scripting
o Easy to learn scripting language.
o Automating the transfers is as easy as putting these commands into a script file.
o Worked with string and numeric variables.
o Worked with lists of files and folders.
o Synchronized whole directory trees using a single command.
o Supported some more file transfer and file system command operations.
o Supported local file operations and email notification.
o Accepted Openpgp automation concepts.
o Accessed system information.
o Supported public key authentication and client side ssl certificates.
o Run an ftp script within a batch file outside of the Sysax ftp automation program.
How FTP Scripting protects your passwords and other strings
The following switch encrypts the string that is passed in. It is part of a mechanism used to hide passwords and other important strings. The generated encrypted string can be used with the setprotectedvar command within a script.
Syntax:
-protectstring <string to be protected> encrypt a string for use with the setprotectedvar command |
Examples of using the switch for creating protected strings:
sysaxftp -protectstring mypassword #protect the "mypassword" string by encrypting it sysaxftp -protectstring mypassword > passfile.txt #encrypt "mypassword" and save it to passfile.txt |
Usage:
Hide username and password in the current script. The contents of a protected variable will be automatically decrypted when the variable is passed to the ftpconnect* group of commands, the certload command, or the pkeyload command. In all other cases, only the encrypted value is made available. The encrypted string for a protected variable should be generated from the command line using the -protectstring option.
Syntax for setting and updating variables:
setvar <variable>,<string or number>; strprint <variable>, <sequence of comma separated strings, numbers, and variables>; setprotectedvar <variable>, <encrypted string generated from the command line using the -protectstring option>; |
Examples of setting and updating variables:
setvar ~my_number, 5;setvar ~my_string, "this is a string"; strprint ~my_value, "the value is ", 5, " bytes"; setprotectedvar ~my_value, “:#!FEC016d09ab332ff7edfdbe90dd212c8b0e37dd033bc6cd7ad3d31f5a4075 e94d1f1c0ef8cb423837f63e00000000000000000003UsokpdRYrZyypl5Ir9”; |