Operating System - OpenVMS
1748204 Members
3887 Online
108759 Solutions
New Discussion юеВ

how to hide passwd while copy between server.

 
shiva27
Frequent Advisor

how to hide passwd while copy between server.

Can you suggest.

How can hide password on below command while copying the files between two servers.I tried to define the symbol for password string but saying syntax not correct.

OS:OpenVMS8.3/7.3-2

$copy a.txt node2"account password"::disk:[dir]
19 REPLIES 19
Ian Miller.
Honored Contributor

Re: how to hide passwd while copy between server.

create a proxy on node2

____________________
Purely Personal Opinion
Wim Van den Wyngaert
Honored Contributor

Re: how to hide passwd while copy between server.

Define "hide".

1) set nover before the copy and the password will not show in log files
2) put password in symbol and use "account ''symbol'":: in the command procedure.

Wim
Wim
Hakan Zanderau ( Anders
Trusted Contributor

Re: how to hide passwd while copy between server.

I don't think there is a way to hide the password.......( sticking my neck out here )

But....

Instead of passing username and password, you can setup a proxy in node2 for the specific user.

$ MCR AUTHORIZE
UAF> ADD/PROXY remodenode::remote_user local_user /DEFAULT

$ MCR AUTHORIZE HELP ADD/PROXY ( for additional help )

Hakan Zanderau
Don't make it worse by guessing.........
Karl Rohwedder
Honored Contributor

Re: how to hide passwd while copy between server.

To hide it from being displayed on the terminal you may define a logical name:

$ assign "SYSTEM""USER PWD""::" REMOTE

and the do e.g.:

$ dir REMOTE:

regards Kalle
Robert Gezelter
Honored Contributor

Re: how to hide passwd while copy between server.

Shiva,

There is hiding and there is hiding.

DECnet is unencrypted (unless you are using DECnet over IP, and that over an enciphered channel, either directly or using a tunnel such as SSL).

To prevent the password from showing, one can use a logical name, to wit:

$ assign "" ""::" remote_node
$ directory remote_node:

The output of DIRECTORY will now not show the command. Of course, a SHOW LOGICAL command will display the logical name (as will ANALYZE/SYSTEM). For this type of purpose, it is worthwhile to make logical name user mode. However, the password WILL be in the clear on the network.

Using a Proxy, as has been suggested, requires trust between the two machines, which is a whole other hazard.

Perhaps it would be helpful to clarify from whom we are securing the password and for what purpose.

- Bob Gezelter, http://www.rlgsc.com
Hoff
Honored Contributor

Re: how to hide passwd while copy between server.

Who is your expected attacker here? Who (or what) are you defending against?

You're using classic text-based passwords and DECnet, so you're already somewhere between comparatively and completely insecure. You could use DECnet proxies and such here, but that's not particularly secure.

Switch to sftp and public key encryption, if you're serious.

shiva27
Frequent Advisor

Re: how to hide passwd while copy between server.

can you please suggest how to define symbol e.g 'tt'' for passwd string only so instead putting the passwd i will put symbol as 'tt'.

I want to follow as,

$copy a.txt node2"account 'tt''"::disk:[dir]

Steven Schweda
Honored Contributor

Re: how to hide passwd while copy between server.

> $copy a.txt node2"account 'tt''"::disk:[dir]

Where are those apostrophes?

node2"account ''tt'":: ?

To avoid confusion with the logical name
"TT", I'd avoid using a symbol "tt".

Robert Gezelter
Honored Contributor

Re: how to hide passwd while copy between server.

Shiva,

My post from yesterday has a typographical error.

The ASSIGN command should read:

$ ASSIGN/USER_MODE """ ""::" remote_node

The , , and should be replaced with the destination nodename, username, and password.

My apologies if the typographical errors caused any difficulty.

- Bob Gezelter, http://www.rlgsc.com