Encrypting credentials



  • Avatar

    Hi Matthias,

    Are you referring to how to ask for the password in clear text? If so, you could either use a string/password parameter to ask for it:

    <title>User Password</title>

    Or use a <showPasswordQuestion>

    <title>Password Required</title>
    <text>Please provide you MySQL password</text>
  • Avatar
    Matthias Apitz

    No. Please re-read my post again. I want:

    1. ask for the pw as clear text (with the methods you show above)

    2. the bitrock installer encrypts this with our own method (based on BlowFish)

    3. for the rest the encrypted password is used, for example in scripts updating the database or storing the encrypted passord in config und properties files.

    Now clearer?

  • Avatar
    Matthias Apitz

    I think, I have an idea, how to solve this: We have installed a tool, which hashes with BlowFisch a salted clear text password to the required hash (which our software knows to decrypt again), works like this:

        /usr/local/sisis-pap/bin/newpw Matthias-secret

    This could be started (after asking for the credential in clear form), hash the provided password and return somehow the STDOUT output of the tool again into an parameter for the rest of the installation. If this returning isn't possible, the hash could be written to a temp. file and used by the remaining installer routines from there.


  • Avatar

    Hi Mattias,

    Please let us know if the solution works for you, thank you for sharing!

    To mark code you must select the text and then in the style icon on the left click on "code".



Please sign in to leave a comment.