Putty on Ruby and how to hide password


#1

Team,

Several times per week and need to login to around 120 AIX servers from
a
Windows desktop.
I am using ssh under putty to accomplish this.
I coded a simple *batch *file to establish all 120 sessions. The problem
is
that if I don’t provide the password for each session, I have to
manually go
to each session and type it in.
The format of each record is as follows:

start putty.exe -X -ssh -pw abracadabra1
**myuserid@myhostname
1myuserid@myhostname1
start putty.exe -X -ssh -pw abracadabra2
**myuserid@myhostname
2myuserid@myhostname2
etc…

The above works fine but it introduces a security issue. As you can see
my
password can be readily obtained by reading the file.
If I hide the file, this will only delay its finding.

Is there a way in which I can write the batch file in Ruby and hide or
somehow encrypt the password, so even if someone edits the file the
password
can’t be understood?

Thank you

Victor


#2

Is there a way in which I can write the batch file in Ruby
and hide or somehow encrypt the password, so even if someone
edits the file the password can’t be understood?

Use pageant and an ssh key. Secure and doesn’t require the password in
the command line.

-Doug


#3

“Victor R.” removed_email_address@domain.invalid writes:

Team,

Is there a way in which I can write the batch file in Ruby and hide or
somehow encrypt the password, so even if someone edits the file the password
can’t be understood?

Don’t store password on file. If a program can decrypt it, someone can
decrypt it. Put the password in your head, don’t write it down.

Do yourself a favour by creating authenticating using either RSA or
DSA. Read:
http://the.earth.li/~sgtatham/putty/0.60/htmldoc/Chapter8.html#pubkey-puttygen

After you have put the public key on the remote servers, you can use
the following batch file in your desktop to prompt you for password
for the private key:

start “” “pageant.exe” “my_key.ppk”

Put that under your start-up folder so you’ll be prompted for the
password to unlock your private key at the beginning of your desktop
session. The password should come from your memory as you only need to
remember one password.

After pageant starts, you can connect to all 120 servers without
further password prompting.

YS.


#4

Thank you all for your quick reply.

Victor