- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- how to hide passwd while copy between server.
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2009 02:50 AM
01-05-2009 02:50 AM
how to hide passwd while copy between server.
How can hide password on below command while copying the files between two servers.I tried to define the symbol for password string but saying syntax not correct.
OS:OpenVMS8.3/7.3-2
$copy a.txt node2"account password"::disk:[dir]
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2009 03:10 AM
01-05-2009 03:10 AM
Re: how to hide passwd while copy between server.
Purely Personal Opinion
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2009 03:10 AM
01-05-2009 03:10 AM
Re: how to hide passwd while copy between server.
1) set nover before the copy and the password will not show in log files
2) put password in symbol and use "account ''symbol'":: in the command procedure.
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2009 03:18 AM
01-05-2009 03:18 AM
Re: how to hide passwd while copy between server.
But....
Instead of passing username and password, you can setup a proxy in node2 for the specific user.
$ MCR AUTHORIZE
UAF> ADD/PROXY remodenode::remote_user local_user /DEFAULT
$ MCR AUTHORIZE HELP ADD/PROXY ( for additional help )
Hakan Zanderau
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2009 03:53 AM
01-05-2009 03:53 AM
Re: how to hide passwd while copy between server.
$ assign "SYSTEM""USER PWD""::" REMOTE
and the do e.g.:
$ dir REMOTE:
regards Kalle
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2009 04:14 AM
01-05-2009 04:14 AM
Re: how to hide passwd while copy between server.
There is hiding and there is hiding.
DECnet is unencrypted (unless you are using DECnet over IP, and that over an enciphered channel, either directly or using a tunnel such as SSL).
To prevent the password from showing, one can use a logical name, to wit:
$ assign
$ directory remote_node:
The output of DIRECTORY will now not show the command. Of course, a SHOW LOGICAL command will display the logical name (as will ANALYZE/SYSTEM). For this type of purpose, it is worthwhile to make logical name user mode. However, the password WILL be in the clear on the network.
Using a Proxy, as has been suggested, requires trust between the two machines, which is a whole other hazard.
Perhaps it would be helpful to clarify from whom we are securing the password and for what purpose.
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2009 01:48 PM
01-05-2009 01:48 PM
Re: how to hide passwd while copy between server.
You're using classic text-based passwords and DECnet, so you're already somewhere between comparatively and completely insecure. You could use DECnet proxies and such here, but that's not particularly secure.
Switch to sftp and public key encryption, if you're serious.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2009 06:51 PM
01-05-2009 06:51 PM
Re: how to hide passwd while copy between server.
I want to follow as,
$copy a.txt node2"account 'tt''"::disk:[dir]
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2009 09:25 PM
01-05-2009 09:25 PM
Re: how to hide passwd while copy between server.
Where are those apostrophes?
node2"account ''tt'":: ?
To avoid confusion with the logical name
"TT", I'd avoid using a symbol "tt".
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-06-2009 02:22 AM
01-06-2009 02:22 AM
Re: how to hide passwd while copy between server.
My post from yesterday has a typographical error.
The ASSIGN command should read:
$ ASSIGN/USER_MODE "
The
My apologies if the typographical errors caused any difficulty.
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-06-2009 06:24 AM
01-06-2009 06:24 AM
Re: how to hide passwd while copy between server.
Shiva,
Wim gave the rigth advice earlier, but you had the single quotes wrong, and you must not have verification in effect: $SET NOVERI.
If somehow you feel you must have verification active, and can not even disable it just around the command, then you have to tell DCL to POSTPONE the symbol substitution until the last moment.
You'll need the FULL filespec in the symbol.
Example using '0' as node name:
$set veri
$pass="secret"
$remote = "0""hein " + pass + """::*.COM;"
$show symb remote
$!REMOTE = "0"hein secret"::*.COM;"
$dir &remote
Logical names are a viable option as pointed out, but where does it get its value string from? How to hide that?
Similar as per above, but we have to throw in even more double quotes... but no longer need the full file spec.
$set veri
$pass="secret"
$remote = "0""""""hein " + pass + """""""::"
$show symb remote
$! REMOTE = "0"""hein secret"""::"
$define remote &remote
$show logical remote
$! "REMOTE" = "0"hein secret"::"
$dir remote:*.com;
:
Yes, that's 6 double quotes after the node name, and 7 before the '::'.
Hein.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-06-2009 03:31 PM
01-06-2009 03:31 PM
Re: how to hide passwd while copy between server.
UAF> ADD /PROXY [/DEFAULT] [from-spec] [to-spec]
within the UAF on the target host, and you're done. With this, no password is then needed; the specified user on the specified host can access the specified username on the specified remote host.
Or you can get (rather more) serious about system security, and reduce your dependence on (insecure) DECnet and on user-specified text passwords. The available ssh and sftp widgets support no-password logins and various passphrase-based and policy-based logins using public key encryption. Far more secure.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-06-2009 09:20 PM
01-06-2009 09:20 PM
Re: how to hide passwd while copy between server.
In our work enviornment our session log monitor by review team so what is my requirement is ,without displaying password on session, i want to copy the file between server.
I tried as,
$set term/noecho
$pass=="welcome"
$set term/echo
$copy test.txt remser"shiva pass"::disk:[dir]/log
I experience below error message after executing above cmd,
%COPY-E-OPENOUT, error opening remser"shiva pass"::disk:[dir]/log as output
-RMS-E-CRE, ACP file create failed
-SYSTEM-F-INVLOGIN, login information invalid at remote node %COPY-W-NOTCOPIED.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-06-2009 09:57 PM
01-06-2009 09:57 PM
Re: how to hide passwd while copy between server.
set term/noecho
$pass=="welcome"
$set term/echo
$copy test.txt remser"shiva ''pass'"::disk:[dir]/log
(these are single quotes around PASS).
regards Kalle
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-06-2009 10:38 PM
01-06-2009 10:38 PM
Re: how to hide passwd while copy between server.
> [...]
You know, like this:
node2"account ''tt'"::
(Jan 6, 2009 05:25:59 GMT)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-06-2009 11:03 PM
01-06-2009 11:03 PM
Re: how to hide passwd while copy between server.
>In our work enviornment our session log
>monitor by review team so what is my
>requirement is ,without displaying
>password on session, i want to copy the
>file between server.
Now that we understand the real issue, it's possible to post a solution.
Here's a short command procedure that will define a logical name containing an access control string, prompting for the password with no echo. You can then use the logical name for your remote access. The password won't be displayed on the screen, or in the session log. You may wish to DEASSIGN the logical name after use for some semblence of security.
DEFINE_ACCESS.COM
$ logname=p1
$ node=p2
$ user=p3
$ pass=p4
$ IF logname.EQS."" THEN READ/PROMPT="Logical name: " SYS$COMMAND logname
$ IF logname.EQS."" THEN EXIT
$ IF node.EQS."" THEN READ/PROMPT="Node: " SYS$COMMAND node
$ IF node.EQS."" THEN node="0"
$ IF user.EQS."" THEN READ/PROMPT="Username: " SYS$COMMAND user
$ IF user.EQS."" THEN user=F$GETJPI("","USERNAME")
$ IF pass.EQS.""
$ THEN
$ SET NOON
$ SET TERMINAL/NOECHO
$ READ/PROMPT="Password: " SYS$COMMAND pass
$ SET TERMINAL/ECHO
$ ENDIF
$ DEFINE/NOLOG 'logname' "''node'""''user' ''pass'""::"
(unfortunately there's no easy way in DCL to do a nice, modular, error proof no-echo prompt)
I've also attached it as a text file, in case your browser breaks the inline text.
To use the procedure, give it a logical name, node name and username. It will prompt for any missing parameters. The password is prompted with no echo.
For example:
$ @DEFINE_ACCESS REMNODE NODE2 SHIVA
Password: (enter password, not echoed)
$ COPY a.txt REMNODE::disk:[dir]
$ DEASSIGN REMNODE
Note for the sharp eyed... although the logical name already contains a "::" node delimiter, it's necessary to use "::" in the file specification to allow a device and directory to be included in the file specification. You could say:
$ COPY a.txt REMNODE:b.txt
to copy the file into the default directory for the target user, but if you want to include a device and directory specification you need "::".
I thought the RCP command would prompt for a password if you said:
$ RCP/USER=user/PASS a.txt node2:
(ie, without specifying a password on the command line), but it doesn't. Maybe it was SSH?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2009 12:12 AM
01-07-2009 12:12 AM
Re: how to hide passwd while copy between server.
$tt=="welcome"
$sh sym tt
TT == "welcome"
$copy a.txt node2"shive ''tt''"::disk:[dir]
-SYSTEM-F-INVLOGIN, login information invalid at remote node
$copy a.txt node2"shive "tt""::disk:[dir]
%DCL-W-INVNOD, invalid node name specification; respecify \node2"shive "TT""::\
Am i doing any mistake here.. please suggest.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2009 12:20 AM
01-07-2009 12:20 AM
Re: how to hide passwd while copy between server.
I think you put 2 quotes before and after the TT symbol, it's 2 before and one after, so
"user ' ' pass ' "
These are the 'normal' DCL substitution rules.
regards Kalle
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2009 12:29 AM
01-07-2009 12:29 AM
Re: how to hide passwd while copy between server.
it's thru.I'm able to copy now. :)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-12-2009 01:37 AM
01-12-2009 01:37 AM
Re: how to hide passwd while copy between server.
cheers...