- martin
Post a reply
Topic review
- martin
Wouldn't using an environment variable be better and more flexible?
- Frongie
Yes, but this is only one EXAMPLE !!!
With this method, if the program you use writes directly to the PIPE, then nothing will be stored in the Task Manager. Some tools can work in this way.
Futhermore, if you need to execute the same using scripts only, then the solution is to write the password to a TEMP file and use the
Please, try to think about the improvement in the security with this simple alternative to send passwords to WinSCP.
Regards.
With this method, if the program you use writes directly to the PIPE, then nothing will be stored in the Task Manager. Some tools can work in this way.
Futhermore, if you need to execute the same using scripts only, then the solution is to write the password to a TEMP file and use the
Get-Content command (similar to cat in Power Shell) to pass the content of the file to the WinSCP.exe.
Please, try to think about the improvement in the security with this simple alternative to send passwords to WinSCP.
Regards.
- martin
@Frongie: That way, you will see a process like this in the Task Manager:
"C:\WINDOWS\system32\cmd.exe /c /s echo password | "C:\Program Files (x86)\AnyDesk\AnyDesk.exe" ...
- Frongie
This idea is good. The AnyDesk tool uses the same interface. Example:
So I suggest to implement this alternative to pass the password using the commandline.
echo password | "C:\Program Files (x86)\AnyDesk\AnyDesk.exe" alias@ad --with-password
So I suggest to implement this alternative to pass the password using the commandline.
- martin
Re: -pw-stdin parameter
OK. Thanks. We will see, if more people ask for this.
- user-adm-33
Sorry Martin!
So, please check this:
Please, note that the current implementation for setting the password from another process that starts it the WinSCP it's VERY INSECURE. So, another alternative should be explored.
Regards.
- KeePass is a Windows Graphical Application that implements the
-pw-stinparameter. - Any Windows GUI Application can read from the console.
So, please check this:
- KeePass code (in C#) that reads the password from the console:
https://github.com/dlech/KeePass2.x/blob/5ea1b24ad2c1b17b6d0017d68731c885af6b539d/KeePass/Util/KeyUtil.cs#L154
- How a Windows GUI App can use the Console:
Adding Console I/O to a Win32 GUI App
- Microsoft examples about the use of the STDIN/STDOUT:
https://learn.microsoft.com/en-us/dotnet/api/system.console.readline
Please, note that the current implementation for setting the password from another process that starts it the WinSCP it's VERY INSECURE. So, another alternative should be explored.
Regards.
- martin
Re: -pw-stdin parameter
I believe that GUI applications have no stdin.
- user-adm-33
-pw-stdin parameter
Hi,
When using the current command line parameter
the password can be shown inside the "Command Line" column of the Task Manager.
So, I suggest to add the parameter "-pw-stdin" to read the password from a PIPE.
That's already implemented in the KeePass to hide password passed in the command line.
See it at: https://keepass.info/help/base/cmdline.html
I hope you agree to implement something similar.
Regards.
When using the current command line parameter
WinSCP.EXE sftp://user:pass@server:22
the password can be shown inside the "Command Line" column of the Task Manager.
So, I suggest to add the parameter "-pw-stdin" to read the password from a PIPE.
That's already implemented in the KeePass to hide password passed in the command line.
See it at: https://keepass.info/help/base/cmdline.html
I hope you agree to implement something similar.
Regards.