Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.
|
|
google unix.com
|
|||||||
| Forums | Register | Forum Rules | Links | Albums | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
| High Level Programming Post questions about C, C++, Java, SQL, and other programming languages here. |
More UNIX and Linux Forum Topics You Might Find Helpful
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| User name and password encryption | satguyz | High Level Programming | 5 | 02-23-2007 11:10 AM |
| PGP encryption/decryption solaris 9 | frustrated1 | SUN Solaris | 0 | 09-30-2006 07:45 PM |
| Password safe encryption strength | keelba | UNIX for Dummies Questions & Answers | 1 | 10-19-2005 01:09 PM |
| File Encryption and Decryption in UNIX. | abidmalik | UNIX for Dummies Questions & Answers | 3 | 08-27-2002 04:09 PM |
| Zipping with password or encryption | dsimpg1 | UNIX for Dummies Questions & Answers | 2 | 09-21-2001 12:57 AM |
 |
Powered by 
|
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
03-02-2005
|
||||
|
||||
|
Password encryption/decryption in flat-text files
Dear all,
If anyone has some ideas for me how to tackle the following situation: Imagine a type of client-server application. The client application is started by a human operator with all the necessary LDAP/Kerberos in place. The server application is started automatically as a daemon process. This server application talks to an Oracle database for which it needs a connection string, username and password as a minimum. This information is stored in a flat-text file on the system, but everything is readable : eg. EXAMPLE_DB:username  assNow, I know we must consider all the security all ready in place (firewalls, unix accounts with passwords, files made read-only), but ... is there some way to make the password in the flat-text file unreadable aka. encrypted and have it decrypted when needed ? The problem is that the password, when encrypted, must first be decrypted before it becomes usable to logon to the database. Quite a lot eh? Dominik |
|
03-03-2005
|
||||
|
||||
|
I think your security model has a big problem.
Yes, you could use DES-3 to encrypt a user/name password, or some other public key encryption scheme, but the user would have to enter the private key. Which means they have to in effect enter a password. Since they have to enter something: Why not just let Oracle authenticate each user, like it would normally do? Just ask let Oracle ask the user for the credentials or you ask them and pass them to Oracle - why do you have to have an intervening layer? |
|
03-04-2005
|
||||
|
||||
|
Hi ,
You can use the crypt command in unix to do this. ex. Create a file which has the clear passwd (/tmp/testpw) encrypt crypt Key<clear_passwd.file > encrypt_file crypt 123 < /tmp/testpw > /tmp/testcr Now you can remove the clear passwd file .. But you should remeber the key. You can connect to the oracle in the following way. sqlplus "user_name/`crypt 123 < /tmp/testcr`" SQL*Plus: Release 9.2.0.5.0 - Production on Fri Mar 4 08:32:25 2005 Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved. Connected to: Oracle9i Enterprise Edition Release 9.2.0.5.0 - 64bit Production With the Partitioning, OLAP and Oracle Data Mining options JServer Release 9.2.0.5.0 - Production SQL> Please check is this helps you. Thanks and Regards Bala |
| Sponsored Links | ||
|
|
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Linear Mode
