LISTSERV - HP3000-L Archives

HP3000-L Archives

October 1997, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L October 1997, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: FTP passwords?
From:	"Stigers, Greg ~ AND" <[log in to unmask]>
Reply To:	Stigers, Greg ~ AND
Date:	Fri, 10 Oct 1997 16:55:37 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (72 lines)

Funny you should ask. I am working on some ftp job streams. There are
two approaches, both of which depend on your job having access to files
that no other non-SM user does. From there, there are no small number of
tricks to achieve something like this.

The more obvious of the two is to use
run ftp.arpa.sys; stdin=ftpcmds
in your job stream, where that ftpcmds is well secured. In fact, that
line comes from the Using FTP Commands in UDCs and Programs portion, of
Chapter 4 Using FTP, in the HP ARPA File Transfer Protocol User's Guide.

The far less obvious is to use a NETRC file, and file equate it to
something well secured. Someone posted a question about this to the
list, and when I searched the entire LaserROM, I found the following in
a Software Release Bulletin (so for those of you looking for MPE trivia
stumpers...)

Full NETRC file functionality

1. The file resides in NETRC.<home-group>.  File equations are allowed,
   so if you were logged as JOE.SCHMOE and wanted to use a NETRC file
   residing elsewhere on the system, you could issue the file equation:
      file NETRC.<JOE's home group>=NETRC.<other-group>.<other-account>

2. a. The syntax for each line of the file is:
         machine <string> login <string> password <string>
            or
         default login <name> password <name>
   b. There should be at most one "default" entry per file.
   c. Each of the tokens "machine", "login", "password" and "default"
      must match exactly, and must be in lower-case.
   d. Each token must be separated by any number of SPACE or TAB
      characters.
   e. Each <string> identifier may be encapsulated by double-quotes,
      i.e. e.g.,
         machine "HPBOX" login "JOE.SCHMOE" password "USER,ACCT"
            and
         machine HPBOX   login JOE.SCHMOE   password USER,ACCT
      are equivalent.  This feature would be useful when a space is
      embedded as part of a password, for example.

Note: unencrypted password stored in a file like this constitute a
      security risk.  If this is a problem, try the following command:
         :altsec netrc.<home-group>.<account>;access=(r,w,a,l,x:cr)
      If this is still a problem, don't use a NETRC file!  It is
      provided for usability, but its use is by no means required.


>----------
>From:  Bruce Conrad[SMTP:[log in to unmask]]
>Sent:  Friday, October 10, 1997 4:10 PM
>To:    [log in to unmask]
>Subject:       [HP3000-L] FTP passwords?
>
>     How do people handle FTP passwords?
>
>     We would prefer to not have to embed system passwords into JCL. We
>     have Maestro, and will probably use that to 'hide' the passwords from
>     prying eyes. I'm just looking for other alternatives/suggestions...
>
>     fyi, we ftp from our HP3000's to remote HP3000's, IBM ES9000's, and
>     other systems. [could be AS/400, VAX, Alpha, u-name-it]
>
>     Bruce Conrad, Software Control Analyst
>     Harvard Pilgrim Health Care, Quincy, MA
>     www.HarvardPilgrim.Org
>     //members.aol.com/bhconrad/index.html
>
>     "All the women of my dreams, were the kind that lived beyond my
>     means." - Level 42
>

ATOM RSS1 RSS2

RAVEN.UTC.EDU