0

Is There a good artical on how to setup KeePass in a powershell script? The goal is to hide UserName and Password in the PS script that is used for sFTP file transfers. I would like to reference the UserName and Password Stored in KeePass to pull into a Powershell script so the sFTP Transfer can happen.

Here is what I have so far:

#Log credential fetch
$ftpcreds = "Look to Keepass "app" and then look to the database within keepass "DataBase1"
-ArgumentList $ftpcreds.UserName, $ftpcreds.Password "this would pull the User Name and Password"

# Set up session options
$sessionOptions = New-Object WinSCP.SessionOptions -Property @{
    Protocol = [WinSCP.Protocol]::Sftp
    HostName = "Acme123"
    UserName = $ftpcreds.UserName
    Password = $ftpcreds.Password
    SshHostKeyFingerprint = "ssh-rsa 123456"
Mb8787
  • 11
  • 2
  • If your script can just look in KeePass for the credentials, couldn't a nefarious user simply look there themselves? This doesn't seem like a particularly secure approach. – boxdog May 18 '22 at 15:20
  • If keepass is not a good approach, what would you suggest to hide the UserName and or Password in a PS script? – Mb8787 May 18 '22 at 15:25
  • There is a [PowerShell secret management module](https://github.com/PowerShell/SecretManagement) and a [KeePass extension](https://github.com/JustinGrote/SecretManagement.KeePass). – iRon May 18 '22 at 17:16
  • You might as well hide the password in the script itself [using a `securestring`](https://stackoverflow.com/a/62609833/1701026) but in any case, it will never be a proper secured solution if you eventually sent the password as plain text... – iRon May 18 '22 at 17:25
  • I am working on the setup for the KeePass ext now. Thanks for the info! – Mb8787 May 18 '22 at 19:33

0 Answers0