Forum: Ruby putty on Ruby and how to hide password

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
1ae92ac1fcb76a88782f461bea73c668?d=identicon&s=25 Victor Reyes (Guest)
on 2007-05-21 20:42
(Received via mailing list)
Team,

Several times per week and need to login to around 120 AIX servers from
a
Windows desktop.
I am using *ssh* under *putty* to accomplish this.
I coded a simple *batch *file to establish all 120 sessions. The problem
is
that if I don't provide the password for each session, I have to
manually go
to each session and type it in.
The format of each record is as follows:

*start putty.exe -X -ssh -pw abracadabra1
**myuserid@myhostname*1<myuserid@myhostname1>
 *start putty.exe -X -ssh -pw abracadabra2
**myuserid@myhostname*2<myuserid@myhostname2>
etc.....

The above works fine but it introduces a security issue. As you can see
my
password can be readily obtained by reading the file.
If I hide the file, this will only delay its finding.

Is there a way in which I can write the batch file in Ruby and hide or
somehow encrypt the password, so even if someone edits the file the
password
can't be understood?

Thank you

Victor
7b0e3a2c135e6f67edf3194ee501961d?d=identicon&s=25 Doug Phillips (Guest)
on 2007-05-21 20:47
(Received via mailing list)
> Is there a way in which I can write the batch file in Ruby
> and hide or somehow encrypt the password, so even if someone
> edits the file the password can't be understood?

Use pageant and an ssh key.  Secure and doesn't require the password in
the command line.

-Doug
B000982a23d5c6a34292902caf225dd7?d=identicon&s=25 Yohanes Santoso (Guest)
on 2007-05-21 20:55
(Received via mailing list)
"Victor Reyes" <victor.reyes@gmail.com> writes:

> Team,

> Is there a way in which I can write the batch file in Ruby and hide or
> somehow encrypt the password, so even if someone edits the file the password
> can't be understood?

Don't store password on file. If a program can decrypt it, someone can
decrypt it. Put the password in your head, don't write it down.

Do yourself a favour by creating authenticating using either RSA or
DSA. Read:
http://the.earth.li/~sgtatham/putty/0.60/htmldoc/C...

After you have put the public key on the remote servers, you can use
the following batch file in your desktop to prompt you for password
for the private key:

start "" "pageant.exe" "my_key.ppk"

Put that under your start-up folder so you'll be prompted for the
password to unlock your private key at the beginning of your desktop
session. The password should come from your memory as you only need to
remember one password.

After pageant starts, you can connect to all 120 servers without
further password prompting.

YS.
1ae92ac1fcb76a88782f461bea73c668?d=identicon&s=25 Victor Reyes (Guest)
on 2007-05-21 21:42
(Received via mailing list)
Thank you all for your quick reply.

Victor
This topic is locked and can not be replied to.