Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Script to Encrypt Zip files 1

Status
Not open for further replies.

Frink

Programmer
Mar 16, 2001
798
GB
Hallo,

Not sure if this is the correct forum, but I have a script which runs as a scheduled task and zips up files (using WinZip).
I now need to encrypt the zip files. This seems quite straightforward, using the -s and -ycAES256 command line options, but how can I automatically enter a password without including it in plain text in the script?

TIA,

- Frink
 
My first guess would be some sort of programmed algorithm for creating the password. But then you'd need the opposite effect to unzip the files, and it would probably be desirable to somehow store what the algorithm produced. There again, you'd be dealing with needing to somehow encrypt the data source for your passwords as well...

--

"If to err is human, then I must be some kind of human!" -Me
 
You could have the encryption phrase in a text file on a server share that only allows access by the service account used to run the script. Then use a "FOR /F" to extract the text from the file and place it in a variable for use in the encryption line.

Example:
for /f %%a in (\\server\share\encrypt.txt) do set EncPhrase=%%a

Then use %EncPhrase% where you want the encryption phrase to be.
 
Cheers guys, that's some nice thinking outside the box!
I'm currently looking at trying to get something to do the following:
I create a file containing the password
Then I run some sort of encryption program on it which generates a public key from a private key I enter.
The script then uses the hardcoded public key to extract the password from the encrypted file.

Not having much luck though, so maybe I'll go with CaptainCommandLine's suggestion.

- Frink
 
Err, if the password can be extracted with the public key, is more or less the same as having it clear ...

Cheers,
Dian
 
Good point, Diancecht

--

"If to err is human, then I must be some kind of human!" -Me
 
Hallo,

The idea was it would only be able to be unencrypted with the public key on the actual machine itself.
If someone gets access to my server then they can do far worse than look at this file!

- Frink
 
Frink, you say "if someone gets access to my server then they can do far worse than look at this file!"

That may be true. However, this file would be one of the main types that hackers and such would WANT to find, at least initially. Because if they can find that password file, then not only will they have a method to gain access to the particular file(s) protected by the included password, but also they may be able to gather some useful info in HOW you protect or files, etc.

So, best case scenerio, you don't want any passwords stored in plain text, especially on something like a server.

--

"If to err is human, then I must be some kind of human!" -Me
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top