Encrypting credentials

Comments

4 comments

  • Avatar
    michiel

    Hi Matthias,

    Are you referring to how to ask for the password in clear text? If so, you could either use a string/password parameter to ask for it:

    <passwordParameter>
    <name>userpasswd</name>
    <title>User Password</title>
    <description>Password</description>
    <descriptionRetype>Re-enter</descriptionRetype>
    </passwordParameter>

    Or use a <showPasswordQuestion>

    <showPasswordQuestion>
    <title>Password Required</title>
    <text>Please provide you MySQL password</text>
    <variable>pass</variable>
    </showPasswordQuestion>
    0
    Comment actions Permalink
  • Avatar
    Matthias Apitz

    No. Please re-read my post again. I want:

    1. ask for the pw as clear text (with the methods you show above)

    2. the bitrock installer encrypts this with our own method (based on BlowFish)

    3. for the rest the encrypted password is used, for example in scripts updating the database or storing the encrypted passord in config und properties files.

    Now clearer?

    0
    Comment actions Permalink
  • Avatar
    Matthias Apitz

    I think, I have an idea, how to solve this: We have installed a tool, which hashes with BlowFisch a salted clear text password to the required hash (which our software knows to decrypt again), works like this:

        /usr/local/sisis-pap/bin/newpw Matthias-secret
        d457b8dcaeadf3f57437819df4478e34

    This could be started (after asking for the credential in clear form), hash the provided password and return somehow the STDOUT output of the tool again into an parameter for the rest of the installation. If this returning isn't possible, the hash could be written to a temp. file and used by the remaining installer routines from there.

     

    0
    Comment actions Permalink
  • Avatar
    michiel

    Hi Mattias,

    Please let us know if the solution works for you, thank you for sharing!

    To mark code you must select the text and then in the style icon on the left click on "code".

    Regards,

    Michiel

    0
    Comment actions Permalink

Please sign in to leave a comment.