KiTTY : Forum Last modification : -
Welcome / Recent changes / News / Forum / Download / Contacts	Edit
Advertising seems to be blocked by your browser. Please notice that advertising helps us to host the project. Without advertising Forum does not work. Forum Home post-login script SergK - Fri 04/07/2014 20:11:36 CEST +0200 hi nice program, seems to work well, but : when using login script option for ssh : - seems it does not work well with partial lines. worked for first line, but not for the following, had to enter full line to make it work - after script is encrypted, there is no option to view the content. that is inconvenient, when one has many different sessions cheers Serg Cyd - Sat 05/07/2014 11:48:32 CEST +0200 Don't forget: don ?t use this feature to authenticate in ssh. Authentication is fully part of the protocol. SergK - Fri 05/09/2014 11:10:04 CEST +0200 >>don ?t use this feature to authenticate in ssh consider scenario: 1. we log in to the 'ssh auth proxy server' using regular ssh auth protocol with personal account ex. ssh johndoe@proxy.bus.com 2. that 'ssh auth proxy' is an audit requirement in corporate world and performs additional verification of user access permissions and also saves full log of all user commands 3. if user has permissions to access other servers, he would be allowed to connect to other servers: securelogin supportuser@otherserver.bus.com > Profile ID_36233_1_UK_MYAPP_DEPLOY: taget account user supportuser : johndoe is allowed to access > Profile ID_36233_1_UK_MYAPP_DEPLOY: taget server otherserver.bus.com : johndoe is allowed to access > Please enter access reason: deploy release V56.7.b > Please provide change or incident ticket: CM005462 > Password: [supportuser@otherserver.bus.com:/export/home/supportuser]$ so, to automate this process its very handy to use post-login scripts (so that i cuold log in to specific environment with one click) and to support changes in passwords and environments it is very handy to see what my encrypted script content is - so that it could be modified, rather than created from scratch for reference, example of non-free application that fully supports this is SecureCRT Cyd - Fri 05/09/2014 13:37:57 CEST +0200 Yes, but if that option would be available, it means that anybody that can access to your PC could get your scripts, and get your credentials. I'm not sure it is really safe. I need more time to think of this problem. Answer The forum is actually closed
	L'adresse initiale de cette page est http://kitty.9bis.com/ Wiki utilisant PumaWiki 1.0, merci aux membres de la PuTTY Team 2026/06/16 14:36 -- en -- 216.73.216.42 --

post-login script

SergK - Fri 04/07/2014 20:11:36 CEST +0200

hi
nice program, seems to work well, but :
when using login script option for ssh :
- seems it does not work well with partial lines. worked for first line, but not for the following, had to enter full line to make it work
- after script is encrypted, there is no option to view the content. that is inconvenient, when one has many different sessions

cheers
Serg

Cyd - Sat 05/07/2014 11:48:32 CEST +0200

Don't forget: don ?t use this feature to authenticate in ssh. Authentication is fully part of the protocol.

SergK - Fri 05/09/2014 11:10:04 CEST +0200

>>don ?t use this feature to authenticate in ssh

consider scenario:
1. we log in to the 'ssh auth proxy server' using regular ssh auth protocol with personal account
ex. ssh johndoe@proxy.bus.com
2. that 'ssh auth proxy' is an audit requirement in corporate world and performs additional verification of user access permissions and also saves full log of all user commands
3. if user has permissions to access other servers, he would be allowed to connect to other servers:
securelogin supportuser@otherserver.bus.com
> Profile ID_36233_1_UK_MYAPP_DEPLOY: taget account user supportuser : johndoe is allowed to access
> Profile ID_36233_1_UK_MYAPP_DEPLOY: taget server otherserver.bus.com : johndoe is allowed to access
> Please enter access reason: deploy release V56.7.b
> Please provide change or incident ticket: CM005462
> Password:

[supportuser@otherserver.bus.com:/export/home/supportuser]$

so, to automate this process its very handy to use post-login scripts (so that i cuold log in to specific environment with one click)
and to support changes in passwords and environments it is very handy to see what my encrypted script content is - so that it could be modified, rather than created from scratch

for reference, example of non-free application that fully supports this is SecureCRT

Cyd - Fri 05/09/2014 13:37:57 CEST +0200

Yes, but if that option would be available, it means that anybody that can access to your PC could get your scripts, and get your credentials. I'm not sure it is really safe.
I need more time to think of this problem.

Answer

The forum is actually closed