Problem solve Get help with specific problems with your technologies, process and projects.

Can I encrypt CMD scripts so that they aren't readable but are still executable?

We have a number of CMD scripts that pass login credentials to either Microsoft SQL or remote client (rclient) to control operations on other servers. Is there a way to encrypt or encode these files so that they are not readable, but are still executable? We are running NT4 and 2000.
There are several possible approaches to this problem, including using the Data Protection API (DPAPI) to encrypt the connection string portion that holds the user credentials, using the network security identify of the user (using the Trusted Connection or Integrated Security attribute), storing credentials in a configuration file (don't do so in clear text) and securing the communication channel using IPSec or SSL. An excellent discussion on the methods available for securing connection strings for MS SQL Server is available in the Data access security chapter of the Building Secure ASP.NET applications. Several of these methods require the use of ASP.NET but others may be suitable in your circumstances.

By the way, I strongly recommend the entire document for every MS SQL Server administrator, programmer and even Windows administrators who work with Web and database applications. It's a total of 600 pages packed with security information and addresses real world scenarios.

I'm sorry I cannot direct you to "rclient" resources of the same caliber.

Dig Deeper on Windows legacy operating systems

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.