netcopy.com - secure copy utility in DCL

0 views
Skip to first unread message

Craig Cockburn

unread,
Mar 26, 1993, 11:12:44 AM3/26/93
to
All,
I have had the following utility for years, and I thought others
would be interested in it. It allows you to copy files between
VMS machines using the COPY command. However, normally when you don't
have a proxy set up on the remote machine, you need to specify
an access control string as part of the copy command. This
always seemed to me like a massive security hole as your password
appeared on the screen while you were doing the copy. This
program (written in DCL) allows you to enter your password,
but it isn't echoed on the screen. The password cannot be
retrieved via the command recall mechanism either. I've been
using this program for many years without any problems. Please
don't mail me bug reports, as I no longer have access to a VMS
system to maintain this program.

Craig

----- cut here ----
$ vfy = f$verify(0'netcopy_debug')
$ goto end_of_comments
$ ! Netcopy.com.
$
$ ! Used to copy from one node to another and specify an access
$ ! control string WITHOUT having the password echoed on the screen.
$ ! To set up use the following statement in your login.com:
$ ! $ ncopy == "@some_dir:netcopy"
$ ! To use:
$ ! old form: $ copy node"user pass"::disk:file local_file
$ ! new form: $ ncopy node::disk:file local_file user
$ ! Password: <pass> -- not echoed.
$ ! Netcopy can also be used to send files to remote nodes, and takes
$ ! the same qualifiers as the normal COPY command.
$
$ ! The source and destination filenames will be prompted for if not
$ ! supplied on the command line. If the copy is not local to the current
$ ! node, the username and password for the access control string will
$ ! be prompted for. The username prompt will default to that of the
$ ! current process, but this can be overridden. In addition, if the
$ ! logical netcopy_username is defined, the program will use this
$ ! parameter instead. To override this logical, either deassign it,
$ ! or use '?' as the username at command level.
$
$ ! The password can also be supplied as a parameter after the
$ ! username if netcopy is to be called from another procedure which
$ ! has already asked it (without echoing, hopefully!)
$
$ ! Will also work with FTSV.
$ ! Old form: $ spool copy node"user pass"::disk:file local_file
$ ! New form: $ ncopy spool node::disk:file local_file
$ ! Username: user
$ ! Password: pass
$ ! or even, $ ft*copy == "@some_dir:netcopy spool"
$ ! then, $ ft node::disk:file local_file <user> <pass> etc.
$ !
$ ! Features:
$
$ ! 1) Because a remote copy logs you in at the remote node under the
$ ! specified username, it is usually not necessary to specify the
$ ! device you wish to copy from.
$ ! i.e. ncopy remotenode::[]file.txt will copy the file 'file.txt'
$ ! from the default login area on the remote node.
$ ! So, $ ncopy remotenode::[-.subdir1.subdir2]file.txt could be used
$ ! as a remote file specification, relative to the remote login directory
$ ! This saves typing in the longwinded substitute:
$ ! $ ncopy remotenode::device:[username.subdir1.subdir2]file.txt
$
$ ! 2) Qualifiers must go after one of the parameters, and not immediately
$ ! after the NCOPY command. If someone wants to write a .CLD so that
$ ! this program can handle the COPY qualifiers directly, then feel free!
$
$ end_of_comments:
$ on warning then goto exit$
$ set control=(y,t)
$ on control_y then goto abort
$ debug = "write sys$output"
$ debug = "!" ! Comment this out if debugging
$ say := write sys$output
$ ask := inquire/nopunctuation
$ copy = "copy"
$ command = "copy"
$ if p1 .nes. "SPOOL" then goto get_filenames
$ command = "spool copy"
$ p1 = p2
$ p2 = p3
$ p3 = p4
$ p4 = p5
$ other_params = p6+p7+p8
$ goto ask_filenames
$
$ get_filenames:
$ other_params = p5+p6+p7+p8
$
$ ask_filenames:
$ if p1 .eqs. "" then ask p1 "$_From: "
$ if p2 .eqs. "" then ask p2 "$_To: "
$ if p1 .eqs. "" .or. p2 .eqs. "" then goto no_params
$
$ remote_fetch = f$locate("::",p1) .nes. f$length(p1)
$ remote_send = f$locate("::",p2) .nes. f$length(p2)
$ param1 := 'p1
$ param2 := 'p2
$ if .not. (remote_fetch .or. remote_send) then goto copy_it ! normal copy
$
$ default_username = f$edit(f$getjpi("","USERNAME"),"COLLAPSE,LOWERCASE")
$ user = p3
$ if user .eqs. "" .and. f$trnlnm("netcopy_username") .nes. "" then -
user = f$trnlnm("netcopy_username")
$ if user .eqs. "" .or. user .eqs. "?" then -
read/prompt="Username [''default_username']: " sys$command user
$ if user .eqs. "" then user = default_username
$
$ pass = p4
$ set term/noecho
$ if pass .eqs. "" then read/prompt="Password: " sys$command pass
$ set term/echo
$ if p4 .eqs. "" then write sys$output ""
$
$ ident = """''user' ''pass'"""
$ if user .eqs. "" .or. pass .eqs. "" then ident = "" ! null for decnet
$ if f$locate("::",p2) .eqs. f$length(p2) then goto fetching
$
$ sending:
$ node = f$extract(0,'f$locate("::",p2),p2)
$ param2 = p2 - node
$ param2 := "''node'""''ident'""''param2'"
$ debug "Sending to remote node..."
$ if f$locate("::",p1) .nes. f$length(p1) then goto fetching
$ goto copy_it
$
$ fetching:
$ node = f$extract(0,'f$locate("::",p1),p1)
$ param1 = p1 - node
$ param1 := "''node'""''ident'""''param1'"
$ debug "Fetching from remote node..."
$
$ copy_it:
$ 'command 'f$string(param1) 'f$string(param2) 'f$string(other_params)
$ goto exit$
$
$ no_params:
$ say "Specify a source and destination for the copy"
$ goto exit$
$
$ leave:
$ say "copy aborted"
$ goto exit$
$
$ abort:
$ say "task aborted with CTRL-Y"
$ goto exit$
$
$ exit$:
$ if f$mode() .eqs. "INTERACTIVE" then set terminal/echo
$ vfy = f$verify(vfy)
$ exit

-------------------------------------------------------------------------------
Craig Cockburn E-mail: lss...@cs.napier.ac.uk
Napier University Fon/Phone: 031 554 2926 (home)
Edinburgh, Scotland Sgri\obh thugam 'sa Ga\idhlig ma 'se do thoil e.

Reply all
Reply to author
Forward
0 new messages