Object method to encrypt a provided password

[oliver366370]

Hi guys,

I am just playing around with the vbs scripting and am struggling to find if there is a method to encrypt given passwords, ready to be stored in the config files. Looking at the documentation for the sessionConfiguration object I can see that "When set, the Password parameter must be encoded".
Digging through years of forum posts I have seen that this issue has come up a few times. The thread that caught my eye was https://forums.vandyke.com/archive/i...hp/t-4711.html in the very last comment stating "It is possible to programmatically set a password".
This is leading me to believe that I am missing something. Is there a object method to encrypt/encode a given password ready to be set to the sessionConfiguration object?

[ekoranyi]

Hi oliver366370,

SecureCRT does not currently support encrypting a plain text password into the needed format via a script. The /ENCRYPTEDPASSWORD option referenced in the link you provided is a command line option.

For example, if you're launching SecureCRT from the CMD window or a batch file and you do not want your plain text password visible you can use a password that has already been encrypted by the SecureCRT GUI. To obtain an encrypted password, specify a password in the Session Options dialog, then open that session's .ini file and copy the encrypted string from the Password field.

I have recorded your interest in scripting passwords in our database of SecureCRT feature requests so that the product director can evaluate it for possible inclusion in a future release.

Should a version of SecureCRT become available with this feature, we will be sure to let you know.

If you would like to be notified directly please send an email to Support@VanDyke.com with "Feature Request Forum Post 13253" in the subject line.

[oliver366370]

Hi Eric,

Thanks for your swift reply.
I was wondering if there was any reason why this function would not be released?
There seems to have been a fair number of requests dating back to 2005.

In the meantime, I was womdering if you could help me with a work around.
Ideally I would like to use SecureCRT to swiftly be able to adjust to any password changes that are made.
In my current situation I have a range of devices I would like to connect to, some on AD, some on local user accounts and some on shared accounts.
This causes issues when one of those passwords change as my folder structure does not reflect which account is being used, hence I would need to individually check each device session config to see which would need changing.
My first idea was a script, one that would go through every session in the config folder and if the account matches the one that changed, then apply a new password.
Are you aware of any possible alternatives to this if new passwords are set?
Possibly something along the lines of an account ID tag for sessions that could be quickly filtered or possibly a shared credentials file?

Kind regards,
Oliver

[ekoranyi]

Hi oliver366370,

Allowing access to encrypting/decrypting session passwords via a script can have security implications, implementing it requires carful consideration.

SecureCRT does support changing passwords for multiple sessions at once. In the Session Manager you can use the standard Ctrl/Shift multi select behavior to select the session you would like to modify. With the sessions selected you can right click and choose Properties to modify all selected sessions at once.

I have also added your contact information to a feature request for a sort of "password database". The idea being that there would be a central location to set username/password pairs and these would be assigned to sessions. This would allow changes to be made in one place and effect multiple sessions.

[oliver366370]

Hi Eric,

Thanks for your reply.
I understand that there would be a fundamental flaw if there was a method to decrypt passwords in the object, however I do not necessarily agree with encrypting if the code was properly designed as you would be able to achieve the same results by using the GUI.
Nonetheless you have given me an idea which may work, adding identifier tags in the description which I can then attempt to filter the sessions list in order to change the password using the GUI in bulk as you stated.

Thanks for your help!
Oliver

[garrettskj]

I too, am interested in this.

[berdmann]

Hi garrettskj,

I have submitted an additional feature request on your behalf to provide a way to encrypt a password within a script.

Should this functionality be added in a future release of SecureCRT we will be sure to post here!