Customer is running Invantive Data Hub and has recently upgraded. The batch file used to include the following:
/password:PASSWORD
But the use of unencrypted seems no longer supported; I must provide an encrypted password instead. Invantive Data Hub reports:
itgendhb079 This script uses a non-encrypted password. Please use an encrypted password instead.
How can I encrypt the password? I seem unable to find a menu option for it.
You can create an encrypted version of the password by executing the following in the Query Tool or Data Hub:
local encrypt password
and then pressing enter (Data Hub) or ctrl+enter (Query Tool).
A window will appear with the currently used password filled-in when available, signalled by ***.
Please note that the encrypted password is encrypted using a device-specific key. So you can only use it on the device on which you generated the encrypted password.
Related
I'm using the mysql 8.0.15. i know there is one same question, but in the recent version mysql 8.0.11, PASSWORD function is removed. I'm trying to get back my root user password, i have got the encrypted string caching_sha2_passIBjIZxTzot5bM9bujMxG9orfl6Ctt.w2SDLZUzAsrxD0 how can i decrpyt it? Also i try to follow solutions from this to reset password, but without the password function, almost cannot proceed.
Passwords for authentication are stored in a way that's irrecoverable, it's a one-way hashing function that's applied. In this case it's SHA2.
There's no way to "unhash" this by design. The database entry contains just enough information to validate any given password, but not enough to tell you what the password is.
You can reset the password by disabling password checks and set a new password.
After running php artisan make:auth in my laravel project, I want to test some default functions. I MANUALLY entered data in my MySQL Database:
but when I try to login to my project using the above credentials:
I am sure that I have typed it as exactlly as indicated secret123 but still unable to enter. Is there anything that I am missing? Or shall I do something to be able to manually enter data that matches credentials when I log in?
Yes, the password in the database is not plaintext (Big security no no).
You should try to hash your password with a Bcrypt hasher. I believe https://www.browserling.com/tools/bcrypt will work. Just fill in the password, rounds does not matter (as far as i know) and hash it! Then paste the has in the databse, then it should work for you!
Need to create simple mysql-backup script.
But - how can I store encrypted pass of MySQL user in it?
I want to avoid store password in plaintext type in any additional files.
As I found in MySQL manual:
MySQL encrypts passwords stored in the user table using its own algorithm
So. there is no way to just get hash and set it as variable?
I mean:
DBHASH="cGFzc3dvcmQ="
DBPASS=`echo $DBHASH | openssl enc -base64 -d`
Is there any correct way to sovle it?
Thanks for tips.
It doesn't matter if the script contains a plaintext password or not if it includes a repeatable routine for getting into MySQL (i.e. automatically decrypting) - an attacker would just do the same. If you could pass the hash/decrypted password and have MySQL compare it would be just as repeatable (and the hash would function as a password anyway).
So, the easy answer is: You can't do this. You have some options...
Set up a correctly chmoded (600) ~/.my.cnf with the credentials.
Create a 'restricted', password-less backup-account that is only allowed to log in from localhost.
Only allow backup logins from localhost/backup host in either case.
If you're on Debian you could use the debian-sys-maint account (which has a my.cnf already set up with credentials)
Restrict the mysql account and include the password in the script plain text, but only allow given user/root to read script (if you have root you can take over mysql anyway).
Read/'source' the config variables (username/password) from an external file (with correct chmod - 600)...but you're basically doing the my.cnf-thing by then.
Remember a "backup account" does not need write privileges etc...
afaict, there's no way to do what you're looking for. Whether you store the hash or the original password, you will anyway store very sensible information that might be evil used if someone gets read access to your script.
What you may prefer, is instead setup up an user account that can't login, and setup up mysql so that user has the exact permissions for your script. And also make it so that this user is the only one having exec access to the script.
I have an SSIS package that I'm trying to run from a SQL job. However, it fails, and the log claims that the password for the user specified in the connection string is wrong. For testing I've got the protection level set to EncryptSensitiveWithKey, and it runs fine from BIDS. When I import it into SSIS I change it to ServerStorage. (My understanding of the documentation says that this should work. I could be wrong though.) During the import it asks for the decryption key, which I supply, and everything seems fine.
It also seems fine when I set up the job in SQL Server Agent. However, when I run the job, it fails and the log says that the password for that user is incorrect. It doesn't say that there is a permission problem, but that the password is wrong.
I've been through the connections and double checked the username and password that is used to access the database. I can connect just fine with that username and password combination. This is the user that is used to connect to the database. There don't appear to be any problems executing the job.
Any help with this would be appreciated.
From what it looks like, it seems like you still need to modify the password after you have installed it to the SQL Agent. The decryption key decrypts the sensitive information but it is still tied to the person that created it. Have you tried re-entering the password when you install it to the server?
http://decipherinfosys.wordpress.com/2008/09/17/scheduling-ssis-packages-with-sql-server-agent/
Up until now I can't figure out why is phpmyadmin inaccessible when I put a password on the root user.
But I've seen someone accessing phpmyadmin and inputting a username and password. How do I do that, so that I can access phpmyadmin even when I put a password to the root user. Because maybe by default the login form is inaccessible. Do I have to write my own php code to have that kind of login form?
take a look at phpmyadmin documentation there is some options about authentication.
quote from the relevant part of the documentation
$cfg['Servers'][$i]['auth_type']
string
['HTTP'|'http'|'cookie'|'config'|'signon']
Whether config or cookie or HTTP or
signon authentication should be used
for this server. 'config'
authentication ($auth_type = 'config')
is the plain old way: username and
password are stored in config.inc.php.
'cookie' authentication mode
($auth_type = 'cookie') as introduced
in 2.2.3 allows you to log in as any
valid MySQL user with the help of
cookies. Username and password are
stored in cookies during the session
and password is deleted when it ends.
This can also allow you to log in in
arbitrary server if
$cfg['AllowArbitraryServer'] enabled.
'HTTP' authentication (was called
'advanced' in previous versions and
can be written also as 'http')
($auth_type = 'HTTP') as introduced in
1.3.0 allows you to log in as any valid MySQL user via HTTP-Auth.
'signon' authentication mode
($auth_type = 'signon') as introduced
in 2.10.0 allows you to log in from
prepared PHP session data. This is
useful for implementing single signon
from another application. Sample way
how to seed session is in signon
example: scripts/signon.php. You need
to configure session name and signon
URL to use this authentication method.
Please see the install section on
"Using authentication modes" for more
information.
I think you want to use the 'http' one.