A while ago we reviewed the desktop version of ArticSoft's OpenPGP implementation. The Command Line Scriptor (CLS) is a variant on the theme, but with one key difference: instead of running the encryption/decryption process from an interactive GUI, you instead create scripts that can either be run on demand or placed in a schedule.

Although the point of such a package isn't immediately obvious, when you start to play with it the possibilities become apparent – interchanging order information on an hourly basis between an e-commerce Web server and the corporate office, for instance.

As with the main FileAssurity desktop package, there's a key manager that allows you to generate public/private key pairs and import/export those of third parties. The new bit you get with the CLS, though, is the ability to produce scripts that are sequences of encrypt/decrypt/transfer commands which can run entirely unattended via Windows' built-in scheduler.

There are two ways to produce scripts. One is to write them yourself by entering the appropriate command line instructions and parameters to the FileAssurity executables; the other, much prettier approach is to use the supplied wizard to design what you want to do, and then let the software build the scripts for you.

Scripts are, as you might imagine, merely DOS batch files with sequences of commands. When you run the wizard, it shows the text of the current script (you can load and save scripts at will) and you can either add new lines or click on an existing entry (each line represents a single task) and edit it.

When creating or editing a task, you're given a simple screen that lets you define what you wish to do. First is to choose whether you want to "protect" (encrypt) one or more files, "unprotect" (decrypt) files, "secure delete" files (erase files more rigorously than Windows would) or back up the keystore (the repository where the various PGP private/public keys are stored).

Assuming you're performing some action on one or more files, you have two options for where the system finds input files. One is to look in one or more folders on the local machine (or a network share) and the other is to connect to a server via FTP in order to retrieve files. If you choose FTP, you're asked for the appropriate authentication and directory information, and you have the choice of ASCII/binary connections and active/passive FTP protocols. You can specify files individually, but if you list a folder name as the input file it'll simply work on all the files it sees in the given folder.

If the operation you're performing involves writing output files (i.e. it's not a "secure delete"), you also get to choose what to do with the results of the encryption process. You can choose to write to a folder, send by email (in which case you'll need a mail program on the host machine that the package can talk to) or upload to an FTP server.

CLS is pretty easy to use, though the user interface has a couple of niggles that could do with some attention. First, although you can browse across a Windows filesharing network, you sometimes end up with weird results (mainly if you try to browse the shortcuts that Windows puts in "My Network Places" under Windows XP). Second, when you select a script line to edit in the CLS wizard, it doesn't highlight your selection in any way, which is a little confusing if you have word-wrap turned on since each command can span a number of lines.

All in all, though, CLS is an interesting tool that will be of use to people who want to do regular, unattended secure data transfers. The GUI niggles are only minor, and what matters is that the underlying functionality is based on a PGP engine that's been around for a while and seems stable.


Bear in mind that the package needs a suitable e-mail client on the host PC (ie it doesn't seem to talk native SMTP).