FTP scripts and password prompts

  • Thread starter Thread starter Rich Pasco
  • Start date Start date
R

Rich Pasco

Until today, a command file invoked FTP like this:

ftp <upload.ftp

where file upload.ftp contained

open mydomain.org
myname
cd mydir
put localfile.ext remotefile.ext
quit

In this case "myname" answered the username prompt, but the
password prompt still came through to the screen for keyboard
entry, as desired.

Today I read that a better syntax is

ftp -n -s:upload.ftp

However, using this syntax I can't figure out a way to get FTP
to wait for me to type the password. It works OK if upload.ftp
contains

user myname mypassword

but I really don't want to hard-code my password anywhere.

Any ideas?

- Rich
 
Rich said:
Until today, a command file invoked FTP like this:

ftp <upload.ftp

where file upload.ftp contained

open mydomain.org
myname
cd mydir
put localfile.ext remotefile.ext
quit

In this case "myname" answered the username prompt, but the
password prompt still came through to the screen for keyboard
entry, as desired.

Today I read that a better syntax is

ftp -n -s:upload.ftp

However, using this syntax I can't figure out a way to get FTP
to wait for me to type the password. It works OK if upload.ftp
contains

user myname mypassword

but I really don't want to hard-code my password anywhere.

Any ideas?

- Rich
Click to expand...

@echo off
setlocal
set /p pwd="FTP Password: "
if not defined pwd goto :EOF
echo>upload.ftp user YOURUSERID %pwd%
echo>>upload.ftp cd mydir
echo>>upload.ftp put localfile.exe remotefile.ext
echo>>upload.ftp quit
ftp -n -s:upload.ftp mydomain.org
type nul > upload.ftp
del upload.ftp
goto :EOF


The only drawback is that the password will show on the screen
as you type it in.
 
See tip 0925 » How do I script an FTP session?
in the 'Tips & Tricks' at http://www.jsifaq.com




Until today, a command file invoked FTP like this:

ftp <upload.ftp

where file upload.ftp contained

open mydomain.org
myname
cd mydir
put localfile.ext remotefile.ext
quit

In this case "myname" answered the username prompt, but the
password prompt still came through to the screen for keyboard
entry, as desired.

Today I read that a better syntax is

ftp -n -s:upload.ftp

However, using this syntax I can't figure out a way to get FTP
to wait for me to type the password. It works OK if upload.ftp
contains

user myname mypassword

but I really don't want to hard-code my password anywhere.

Any ideas?

- Rich
Click to expand...

Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
http://www.jsifaq.com
 
Thanks Jerold, but this tip shows how to do exactly what I didn't
want to do, hard-code the password into the script file.

- Rich
 
Thanks, Phil, it obviously works as designed, but what a kludge...
I just wanted to put something into my FTP script that would make
ftp.exe turn away from the script long enough to ask for a password.

- Rich
 
After reading the responses I'm not clear why the Help file recommends

ftp -n -s:upload.ftp

and deprecates

ftp <upload.ftp

as I was previously using. The "<" approach makes FTP pause for the
user to type a password as I wanted (which I can't get the "-s:"
technique to do) and otherwise it seems to work at least as well.

- Rich
 
Rich said:
Thanks, Phil, it obviously works as designed, but what a kludge...
I just wanted to put something into my FTP script that would make
ftp.exe turn away from the script long enough to ask for a password.

- Rich
Click to expand...

Hi, Rich:

Well, it may seem a kludge for such a simple script. But the idea of
having one's batch file dynamically generate and then execute a script
is actually very powerful and versatile if you want to do more complex
operations involving FTP, especially where the batch file is run in
the background and you are not around to enter the password. In that
case, instead of 'set /p pwd=....', the batch file could retrieve the
userid and password from an access-protected disk file or registry
entry, generate the script, execute the script, and then delete the
script so that it is not left lying around with the userid and password
in it....
 
Rich said:
After reading the responses I'm not clear why the Help file recommends

ftp -n -s:upload.ftp

and deprecates

ftp <upload.ftp

as I was previously using. The "<" approach makes FTP pause for the
user to type a password as I wanted (which I can't get the "-s:"
technique to do) and otherwise it seems to work at least as well.

- Rich
Click to expand...

See my other reply, and note the part about batch files running without
user intervention. . . .
 
Hello, Phil!
You wrote on Thu, 12 Jan 2006 21:10:01 -0800:

PR> @echo off setlocal set /p pwd="FTP Password: "
PR> if not defined pwd goto :EOF echo>upload.ftp user YOURUSERID %pwd%
PR> echo>>upload.ftp cd mydir echo>>upload.ftp put localfile.exe
PR> remotefile.ext echo>>upload.ftp quit ftp -n -s:upload.ftp
PR> mydomain.org type nul > upload.ftp del upload.ftp goto :EOF


When storing sensitive data in a file, even if just temporarily you should
explicitly set the permissions so that only you, the user, has access to the
file. This should be done before any sensitive data is written to that file.
echo Y| cacls upoad.ftp /g %USERNAME%:F > NUL 2>&1

If you think that a bit excessive imagine a scenario where the machine
crashes while your batch is running. Your file is left possibly open to the
other users depending on default fs permissions.

Another case: I have one host that sends an odd ftp response at times and
leaves the ftp client hanging endlessly waiting.

Or you are simply transferring a large file during such transfer who knows
who may be able to read your file, including a family member or colleague
with nasty intent who is running a batch just to look for such a thing.

With best regards, Paul R. Sadowski [MVP]. E-mail: (e-mail address removed)
 
No doubt about that, Phil. I understand the concept and the value of
dynamically generating and executing a script. Thanks again for your
contribution.

- Rich
 
Paul said:
Hello, Phil!
You wrote on Thu, 12 Jan 2006 21:10:01 -0800:

PR> @echo off setlocal set /p pwd="FTP Password: "
PR> if not defined pwd goto :EOF echo>upload.ftp user YOURUSERID %pwd%
PR> echo>>upload.ftp cd mydir echo>>upload.ftp put localfile.exe
PR> remotefile.ext echo>>upload.ftp quit ftp -n -s:upload.ftp
PR> mydomain.org type nul > upload.ftp del upload.ftp goto :EOF


When storing sensitive data in a file, even if just temporarily you should
explicitly set the permissions so that only you, the user, has access to the
file. This should be done before any sensitive data is written to that file.
echo Y| cacls upoad.ftp /g %USERNAME%:F > NUL 2>&1

If you think that a bit excessive imagine a scenario where the machine
crashes while your batch is running. Your file is left possibly open to the
other users depending on default fs permissions.

Another case: I have one host that sends an odd ftp response at times and
leaves the ftp client hanging endlessly waiting.

Or you are simply transferring a large file during such transfer who knows
who may be able to read your file, including a family member or colleague
with nasty intent who is running a batch just to look for such a thing.

With best regards, Paul R. Sadowski [MVP]. E-mail: (e-mail address removed)
Click to expand...

Hi, Paul, those are good points you make! Thanks for the reminder! One
can never be too security-conscious these days!
 
Back
Top