HPE Community
Operating System - HP-UX
1821245 Members
2926 Online
109632 Solutions
New Discussion юеВ

Perl and FTP

 
SOLVED
Go to solution
rccmum
Super Advisor

тАО09-15-2008 11:12 AM

тАО09-15-2008 11:12 AM

Perl and FTP

I am writing a perl script and using Net:FTP module.

I was wondering if there is away I can have the script detect the file type ( Binary or ASCII) automatically?

I am putting the FTP server login in credentials in the script. Is there any way to hide/encrypt the password field?

Is there any way to encrypt a perl script so if someone wants to open it for read will ask some password however the script is executable anyway?

Thanks in advance.

0 Kudos
Reply
4 REPLIES 4
H.Merijn Brand (procura
Honored Contributor

тАО09-15-2008 12:41 PM

тАО09-15-2008 12:41 PM

Solution

Re: Perl and FTP

Yes, using ~/.netrc and Net::Netrc

--8<---
use Net::FTP;
use Net::Netrc;

my ($host, $u, $p) = ("some.host.com", "username");
if (my $machine = Net::Netrc->lookup ($host)) {
($u, $p) = $machine->lpa;
}

my $ftp = Net::FTP->new ($host, Passive => 1) or die "Connect failed: $@";
$ftp->login ($u, $p) or die "login: " .$ftp->message;
$ftp->binary or die "binary: " .$ftp->messgae;
-->8---

Enjoy, Have FUN! H.Merijn
Enjoy, Have FUN! H.Merijn
Reply
Bill Hassell
Honored Contributor

тАО09-15-2008 06:32 PM

тАО09-15-2008 06:32 PM

Re: Perl and FTP

> I was wondering if there is away I can have the script detect the file type ( Binary or ASCII) automatically?

There isn't any method to detect ASCII except to guess. The problem is that BINARY is an ftp protocol that simply sends exactly what is on the source and stores it the same way on the destination. An ASCII transfer is much more complicated to accommodate the myriad of differences between OS file formats. In the code, the source file is read one record at a time with the record defined by the source system. This record is sent with length information so that that receiving side can add whatever special code(s) are needed to form an "ASCII" file on the destination system. Mainframes have dozens of specialized formats so ASCII can be quite useful in transferring text files.

But the definition of an ASCII file, especially in Unix is quite convoluted. A Postscript file is ASCII but technically, a PCL file is mostly ASCII with escape sequences. An awk or Perl script is ASCII but a library file or executable is binary but of dubious value on another system. So the decision must be made based on the purpose and usage of the file.

> credentials in the script

Why worry about it? Anyone can sniff the network and see the plain text login and password. That's why ftp is deprecated for secure data transmissions or at least limited to FTP-only chroot accounts.

If you have no choice in FTP, consider using $HOME/.netrc to hide the login/password outside the script. This is only a trivial mechanism because the script must be run by the user with the $HOME/.netrc file.

The ideal method is scp or sftp using public key exchange. In this way, no user or password is visible during the negotiation and the data is protected.


Bill Hassell, sysadmin
Reply
rccmum
Super Advisor

тАО09-29-2008 06:57 PM

тАО09-29-2008 06:57 PM

Re: Perl and FTP

Thank you both of you for your responses and time.

Any comment on the encrypting a perl script?


Thanks again for your help.
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО09-30-2008 03:45 AM

тАО09-30-2008 03:45 AM

Re: Perl and FTP

Hi:

> Is there any way to encrypt a perl script so if someone wants to open it for read will ask some password however the script is executable anyway?

By using the Net::Netrc module you don't have a plaintext password in the Perl script itself, so there is no danger in seeing the script's contents.

In lieu of FTP, you could easily change to SFTP using Perl's Net::SFTP::Foreign module. Fetch it and read its documentation here:

http://search.cpan.org/~salva/Net-SFTP-Foreign-1.43/lib/Net/SFTP/Foreign.pm

Regards!

...JRF...
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.