Operating System - HP-UX

Re: FTP scripting question

 
Youlette Etienne_2
Regular Advisor

FTP scripting question

Hello,

I am building an ftp server using wu-ftp on an e25 11.0 server. I want to write scripts that will automatically ftp files from this server to specific IP addresses outside our firewall. From what I know, to do this, I will have to add the username and password in the scripts, to allow them to log into other servers and transfer the files. I did a search on the Forum and saw the same standard for other ftp scripts. It seems that my only option is to make the scripts rwx by root only. Is there any other option to writing such a script?

(I mistakenly posted this on the Database Forum--sorry).
If at first you don't succeed, change the rules!
5 REPLIES
James R. Ferguson
Acclaimed Contributor

Re: FTP scripting question

Hi:

Other than embedding the password in the FTP script itself, the other choice that comes to mind is the use of $HOME/.netrc to hold the password. This is considered a "step-up" in security, although not that much. See: man 4 netrc

...JRF...
Kofi ARTHIABAH
Honored Contributor

Re: FTP scripting question

Youlette:

If you are worried about security, I would suggest that you look at installing ssh (e.g. from http://www.datafellows.com or http://www.openssh.org ) and create public/private key combinations. You can then send the public key of one user/host to the other server outside the firewall.

Because the keys are specially generated with the password encrypted as part of them, your keys cannot be read off to get the passwords... and it is practically impossible to reverse the passwords given the keys. The ssh documentation has instructions on how to set up generating and distributing keys with embedded passwords. You can then use scp or sftp to transmit your data back and forth in a script without worrying about your passwords being stored in a file or being transmitted in clear text.

If you do not want to go with the ssh option, then you can use the .netrc option as suggested by James.
nothing wrong with me that a few lines of code cannot fix!
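
A scripted transfer along the lines suggested above, as an added example that is not part of the original thread: the key pair replaces the stored password, and the receiving server limits what the key can do. The host, account, paths and source address are constructed placeholders, and the `restrict` key option assumes a current OpenSSH release on the receiving side.

```shell
#!/bin/sh
# Added example: unattended sftp push with a dedicated key pair.
# One-time setup (placeholder path): ssh-keygen -t ed25519 -N '' -f "$HOME/.ssh/push_key"

# make_batch SRCDIR DESTDIR BATCHFILE: write the sftp command list.
make_batch() {
    ( umask 077
      printf 'lcd %s\ncd %s\nput *\nbye\n' "$1" "$2" > "$3" )
}

# authorized_keys_line SOURCE_IP PUBKEYFILE: print the line to install on the
# receiving server. Only the public half ever leaves the sending host, so a
# private key passed by mistake is rejected.
authorized_keys_line() {
    key=$(cat "$2") || return 1
    case $key in
        *PRIVATE\ KEY*)
            echo "$2 is a private key; send the .pub file" >&2; return 2 ;;
        ssh-*\ *|ecdsa-*\ *|sk-*\ *) ;;
        *)  echo "$2 is not an OpenSSH public key" >&2; return 3 ;;
    esac
    # from= ties the key to one source address; restrict turns off port
    # forwarding, agent forwarding and pty allocation for this key.
    printf 'from="%s",restrict %s\n' "$1" "$key"
}

# push_files USER HOST KEYFILE BATCHFILE: run the transfer without prompting.
# StrictHostKeyChecking=yes needs the server's host key in known_hosts already.
# sftp exits non-zero when a batch command fails, so cron can report it.
push_files() {
    sftp -b "$4" -i "$3" \
         -o BatchMode=yes -o IdentitiesOnly=yes -o StrictHostKeyChecking=yes \
         "$1@$2"
}
```

An unattended key has no passphrase, so the private key file, readable by its owner only, is what needs protecting on the sending host.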
James R. Ferguson
Acclaimed Contributor

Re: FTP scripting question

Hi:

Please see your post and other suggestions in the database category too.

...JRF...
Shannon Petry
Honored Contributor

Re: FTP scripting question

Hi Youlette!

I have seen that your questions have probably been answered, but I'd like to add an example or two for using the netrc file.
Make a user. Let's call him usera.
In his home directory, build the .netrc file. In this .netrc file, you can also define an "init" macro, which is executed at the start of each ftp session.
This "init" macro can perform ALL of your work, i.e.:
> lcd SOURCEDIR
> cd DESTDIR
> bin
> prompt
> mput *
> bye.

If this user has an entry in '/usr/lib/cron.allow' then this gives you a pretty powerful way of making a user script to first compress then encrypt your data, and move to destination, ftp to the host defined in $HOME/.netrc and put the files in $SOURCEDIR on a scheduled basis.

I have used this method before to monitor directories for new files (dropped there by users) and get them to foreign sites. Because the crypt command can use pretty decent-size keys, customers are usually pretty happy. (Best of all, it's free!)

Microsoft. When do you want a virus today?
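
The .netrc setup described above, as an added example that is not part of the original post: it writes the file with the init macro and checks the two things that most often break it, the file mode and the blank line that ends the macro. Host name, login, password and directories are constructed placeholders.

```shell
#!/bin/sh
# Added example: create a .netrc with an "init" macro and verify it is private.
# All host names, logins, passwords and directories used with it are placeholders.

# write_netrc FILE HOST LOGIN PASSWORD SRCDIR DESTDIR
write_netrc() {
    (
        umask 077          # the file is created rw------- from the start
        rm -f "$1"         # an existing file would keep its old, looser mode
        cat > "$1" <<EOF
machine $2 login $3 password $4
macdef init
lcd $5
cd $6
binary
prompt
mput *
bye

EOF
    )
}

# netrc_problems FILE: print one line per problem, return 0 when clean.
netrc_problems() {
    f=$1 rc=0
    [ -f "$f" ] || { echo "missing: $f"; return 1; }
    perms=$(ls -ld "$f" | cut -c1-10)
    # Classic ftp clients abort auto-login when a .netrc that holds a
    # password is readable by group or other.
    case $perms in
        -r[w-]-------) ;;
        *) echo "permissions $perms, expected -rw-------"; rc=1 ;;
    esac
    grep -q '^macdef init$' "$f" || { echo "no init macro"; rc=1; }
    # The macro body ends at the first empty line.
    awk '/^macdef /{m=1;next} m&&/^$/{ok=1;exit} END{exit !ok}' "$f" \
        || { echo "init macro not terminated by a blank line"; rc=1; }
    return $rc
}

# Usage from usera's crontab wrapper (placeholder values):
#   write_netrc "$HOME/.netrc" ftp.example.com usera 'CHANGE-ME' /data/out /incoming
#   netrc_problems "$HOME/.netrc" && ftp ftp.example.com
```

The password still sits in clear text in the file and crosses the network in clear text during the FTP login, so the file mode only protects it from other local users.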
Youlette Etienne_2
Regular Advisor

Re: FTP scripting question

Thanks to all for responding so quickly.

I opted for OpenSSH, since I can use ssh instead of telnet, rlogin, etc. Unfortunately, I am encountering the following installation problem. Help! In the meantime, I am reading up on .netrc

I have installed OpenSSL, egd, and zlib. However, when I start to install OpenSSH with the following command, I get the following error message:

./configure --with-openssl-dir=/usr/local/ssl-withentropy-pool=/dev/random

checking for HPUX trusted system password database... yes
configure: warning: This configuration is untested
checking for deflate in -lz... no
configure: error: *** zlib missing - please install first ***

So I re-ftp'd and reinstalled the zlib.tar.gz file again and received the same error. I have copied the commands and the results of installing zlib below. Can anyone help with this?

Thanks

# ./configure
Checking for gcc...
Building static library libz.a version 1.1.3 with cc.
Checking for unistd.h... Yes.
Checking for errno.h... Yes.
Checking for mmap support... Yes.
# make && make test
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c example.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c adler32.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c compress.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c crc32.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c gzio.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c uncompr.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c deflate.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c trees.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c zutil.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c inflate.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c infblock.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c inftrees.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c infcodes.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c infutil.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c inffast.c
ar rc libz.a adler32.o compress.o crc32.o gzio.o uncompr.o deflate.o trees.o zutil.o inflate.o infblock.o inftrees.o infcodes.o infutil.o inffast.o
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -o example example.o -L. -lz
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -c minigzip.c
cc -O -DHAVE_UNISTD_H -DUSE_MMAP -o minigzip minigzip.o -L. -lz
hello world
uncompress(): hello, hello!
gzread(): hello, hello!
gzgets() after gzseek: hello!
inflate(): hello, hello!
large_inflate(): OK
after inflateSync(): hello, hello!
inflate with dictionary: hello, hello!
*** zlib test OK ***
# /bin/su
# make install
cp zlib.h zconf.h /usr/local/include
chmod 644 /usr/local/include/zlib.h /usr/local/include/zconf.h
cp libz.a /usr/local/lib
cd /usr/local/lib; chmod 755 libz.a
cd /usr/local/lib; if test -f libz.sl.1.1.3; then
rm -f libz.sl libz.sl.1;
ln -s libz.sl.1.1.3 libz.sl;
ln -s libz.sl.1.1.3 libz.sl.1;
(ldconfig || true) >/dev/null 2>&1;
fi

If at first you don't succeed, change the rules!