Re: [Dev] [Cipher Tool] Persist the Key Store Password Permanently
Hi, If this file is named 'password-persist', it will not be deleted. [1] - http://ajithvblogs.blogspot.com/2014/01/secure-custom-properties-file-using.html Note:~ This temp file(password-tmp) will be delete after the server started. It implied that you have to create that file for every restart. But if you think your deployment system is secured, then create that temp file name having password-persist, that file will be remain even after the server started. Therefore you don't need to create for each restart. Thanks, Pushpalanka. -- Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ Mobile: +94779716248 Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka On Fri, Dec 12, 2014 at 5:05 PM, Isuru Haththotuwa isu...@wso2.com wrote: Hi, Is it possible to $subject, for the key store that is used to encrypt the plain text passwords? Currently AFAIU its stored in a temporary file, which will get deleted after the carbon server started. -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Cipher Tool] Persist the Key Store Password Permanently
Thanks Pushpalanka. On Fri, Dec 12, 2014 at 12:44 PM, Pushpalanka Jayawardhana la...@wso2.com wrote: Hi, If this file is named 'password-persist', it will not be deleted. [1] - http://ajithvblogs.blogspot.com/2014/01/secure-custom-properties-file-using.html Note:~ This temp file(password-tmp) will be delete after the server started. It implied that you have to create that file for every restart. But if you think your deployment system is secured, then create that temp file name having password-persist, that file will be remain even after the server started. Therefore you don't need to create for each restart. Thanks, Pushpalanka. -- Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ Mobile: +94779716248 Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka On Fri, Dec 12, 2014 at 5:05 PM, Isuru Haththotuwa isu...@wso2.com wrote: Hi, Is it possible to $subject, for the key store that is used to encrypt the plain text passwords? Currently AFAIU its stored in a temporary file, which will get deleted after the carbon server started. -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Cipher Tool] Persist the Key Store Password Permanently
But I wonder whether we could recommend this approach. If you get rid of key store password, you could decrypt any encrypted password, isn't it ? On Fri, Dec 12, 2014 at 5:21 PM, Isuru Haththotuwa isu...@wso2.com wrote: Thanks Pushpalanka. On Fri, Dec 12, 2014 at 12:44 PM, Pushpalanka Jayawardhana la...@wso2.com wrote: Hi, If this file is named 'password-persist', it will not be deleted. [1] - http://ajithvblogs.blogspot.com/2014/01/secure-custom-properties-file-using.html Note:~ This temp file(password-tmp) will be delete after the server started. It implied that you have to create that file for every restart. But if you think your deployment system is secured, then create that temp file name having password-persist, that file will be remain even after the server started. Therefore you don't need to create for each restart. Thanks, Pushpalanka. -- Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ Mobile: +94779716248 Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka On Fri, Dec 12, 2014 at 5:05 PM, Isuru Haththotuwa isu...@wso2.com wrote: Hi, Is it possible to $subject, for the key store that is used to encrypt the plain text passwords? Currently AFAIU its stored in a temporary file, which will get deleted after the carbon server started. -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks regards, Nirmal Senior Software Engineer- Platform Technologies Team, WSO2 Inc. Mobile: +94715779733 Blog: http://nirmalfdo.blogspot.com/ ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Cipher Tool] Persist the Key Store Password Permanently
On Fri, Dec 12, 2014 at 12:56 PM, Nirmal Fernando nir...@wso2.com wrote: But I wonder whether we could recommend this approach. If you get rid of key store password, you could decrypt any encrypted password, isn't it ? Yes, that is true. However, for a secure deployment this is acceptable IMHO, specially if the server is not exposed to public. Depends on the requirement. On Fri, Dec 12, 2014 at 5:21 PM, Isuru Haththotuwa isu...@wso2.com wrote: Thanks Pushpalanka. On Fri, Dec 12, 2014 at 12:44 PM, Pushpalanka Jayawardhana la...@wso2.com wrote: Hi, If this file is named 'password-persist', it will not be deleted. [1] - http://ajithvblogs.blogspot.com/2014/01/secure-custom-properties-file-using.html Note:~ This temp file(password-tmp) will be delete after the server started. It implied that you have to create that file for every restart. But if you think your deployment system is secured, then create that temp file name having password-persist, that file will be remain even after the server started. Therefore you don't need to create for each restart. Thanks, Pushpalanka. -- Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ Mobile: +94779716248 Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka On Fri, Dec 12, 2014 at 5:05 PM, Isuru Haththotuwa isu...@wso2.com wrote: Hi, Is it possible to $subject, for the key store that is used to encrypt the plain text passwords? Currently AFAIU its stored in a temporary file, which will get deleted after the carbon server started. -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks regards, Nirmal Senior Software Engineer- Platform Technologies Team, WSO2 Inc. Mobile: +94715779733 Blog: http://nirmalfdo.blogspot.com/ -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Cipher Tool] Persist the Key Store Password Permanently
hmm.. then why we need to encrypt anything at all ? On Fri, Dec 12, 2014 at 5:29 PM, Isuru Haththotuwa isu...@wso2.com wrote: On Fri, Dec 12, 2014 at 12:56 PM, Nirmal Fernando nir...@wso2.com wrote: But I wonder whether we could recommend this approach. If you get rid of key store password, you could decrypt any encrypted password, isn't it ? Yes, that is true. However, for a secure deployment this is acceptable IMHO, specially if the server is not exposed to public. Depends on the requirement. On Fri, Dec 12, 2014 at 5:21 PM, Isuru Haththotuwa isu...@wso2.com wrote: Thanks Pushpalanka. On Fri, Dec 12, 2014 at 12:44 PM, Pushpalanka Jayawardhana la...@wso2.com wrote: Hi, If this file is named 'password-persist', it will not be deleted. [1] - http://ajithvblogs.blogspot.com/2014/01/secure-custom-properties-file-using.html Note:~ This temp file(password-tmp) will be delete after the server started. It implied that you have to create that file for every restart. But if you think your deployment system is secured, then create that temp file name having password-persist, that file will be remain even after the server started. Therefore you don't need to create for each restart. Thanks, Pushpalanka. -- Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ Mobile: +94779716248 Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka On Fri, Dec 12, 2014 at 5:05 PM, Isuru Haththotuwa isu...@wso2.com wrote: Hi, Is it possible to $subject, for the key store that is used to encrypt the plain text passwords? Currently AFAIU its stored in a temporary file, which will get deleted after the carbon server started. -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks regards, Nirmal Senior Software Engineer- Platform Technologies Team, WSO2 Inc. Mobile: +94715779733 Blog: http://nirmalfdo.blogspot.com/ -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* -- Thanks regards, Nirmal Senior Software Engineer- Platform Technologies Team, WSO2 Inc. Mobile: +94715779733 Blog: http://nirmalfdo.blogspot.com/ ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Cipher Tool] Persist the Key Store Password Permanently
On Fri, Dec 12, 2014 at 1:00 PM, Nirmal Fernando nir...@wso2.com wrote: hmm.. then why we need to encrypt anything at all ? Good point. AFAIS its sometimes a policy for certain environments to keep passwords encrypted. On Fri, Dec 12, 2014 at 5:29 PM, Isuru Haththotuwa isu...@wso2.com wrote: On Fri, Dec 12, 2014 at 12:56 PM, Nirmal Fernando nir...@wso2.com wrote: But I wonder whether we could recommend this approach. If you get rid of key store password, you could decrypt any encrypted password, isn't it ? Yes, that is true. However, for a secure deployment this is acceptable IMHO, specially if the server is not exposed to public. Depends on the requirement. On Fri, Dec 12, 2014 at 5:21 PM, Isuru Haththotuwa isu...@wso2.com wrote: Thanks Pushpalanka. On Fri, Dec 12, 2014 at 12:44 PM, Pushpalanka Jayawardhana la...@wso2.com wrote: Hi, If this file is named 'password-persist', it will not be deleted. [1] - http://ajithvblogs.blogspot.com/2014/01/secure-custom-properties-file-using.html Note:~ This temp file(password-tmp) will be delete after the server started. It implied that you have to create that file for every restart. But if you think your deployment system is secured, then create that temp file name having password-persist, that file will be remain even after the server started. Therefore you don't need to create for each restart. Thanks, Pushpalanka. -- Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ Mobile: +94779716248 Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka On Fri, Dec 12, 2014 at 5:05 PM, Isuru Haththotuwa isu...@wso2.com wrote: Hi, Is it possible to $subject, for the key store that is used to encrypt the plain text passwords? Currently AFAIU its stored in a temporary file, which will get deleted after the carbon server started. -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev -- Thanks regards, Nirmal Senior Software Engineer- Platform Technologies Team, WSO2 Inc. Mobile: +94715779733 Blog: http://nirmalfdo.blogspot.com/ -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* -- Thanks regards, Nirmal Senior Software Engineer- Platform Technologies Team, WSO2 Inc. Mobile: +94715779733 Blog: http://nirmalfdo.blogspot.com/ -- Thanks and Regards, Isuru H. +94 716 358 048* http://wso2.com/* ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev