Post a reply

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

martin

This cannot work. SecureString is an object, while you get a string from PowerShell output.

You might be able to use the ProtectedData.Unprotect approach.
Templar

I cannot run powershell scripts on my machine, but maybe I could circumvent the problem by using powershell command line.
Here is what I tried:
<job>

<reference object="WinSCP.Session" />
<script language="VBScript">
Dim  key, cmd, Shell, executor, seckey

key = "ABCABCABC....."
cmd = "powershell.exe ConvertTo-SecureString "& key
Set shell = CreateObject("WScript.Shell")
Set executor = shell.Exec(cmd)
executor.StdIn.Close
seckey = executor.StdOut.ReadAll
sessionOptions.SecurePassword = seckey
...
 

but I get an error stating something like "SecurePassword incorrect argument" (sorry I had to translate the message into English). So, I even wonder if "SecurePassword" is supported at all in VBS.

A full VBS solution would be prefered but if I can find a workaround with a working version of the code above, I would be happy too!
Templar

Sorry, I should have pointed to the full page:
https://winscp.net/eng/docs/guide_protecting_credentials_for_automation

The page shows how to store encrypted passwords in xml and the use them as secure password e.g. in Powershell with
$sessionOptions.SecurePassword = ConvertTo-SecureString $config.Configuration.Password

I am bound to use VBS and would like to do something similar to avoid storing plain clear text password in a config file.

Hope this makes my point clearer.

Many thanks for your help.
martin

Re: Protect credentials in VBScript

That article shows several techniques. Do you have any particular one in mind?

You point to a footnote, which does not seem relevant to your question.