Datastage Log in Password Encryption

A forum for discussing DataStage<sup>®</sup> basics. If you're not sure where your question goes, start here.

Moderators: chulett, rschirm, roy

Post Reply
JSWARBRI
Participant
Posts: 14
Joined: Fri Jan 23, 2004 8:37 am

Datastage Log in Password Encryption

Post by JSWARBRI »

Hi,

We were carrying out penetration tests on our network and as I logged into datastage the IP packet was captured. In this packet was both the username and password in clear text.

We are not currently using SSL, as we did a default install of InfoSphere and this is without SSL enabled.

I've checked the documentation for enabling SSL and the implementation documentation specifies that there is a degredation in performance when SSL is enabled, however it does not specify to what extent.

So is there anyway to ecrypt the password that is used to log in to datastage without enabling SSL. If not are there any pit falls I should be aware of if I enable SSL.

Thanks
Top
bhargav_dd
Premium Member
Premium Member
Posts: 57
Joined: Tue Jun 30, 2009 9:38 am

Post by bhargav_dd »

i Think U can encrypt the password by using unix scripts which is easy way to do
Top
Kryt0n
Participant
Posts: 584
Joined: Wed Jun 22, 2005 7:28 pm

Post by Kryt0n »

If unix encrypts it, how will DataStage know what the actual password is? The only way the login password can be encrypted is if the DataStage login process has the functionality to do so, which I haven't heard of (and would have thought it was the default).

Would say though that should your network be breached I'm sure your work will have more problems than worrying about DataStage passwords being captured (or are you navigating the internet to log in?)
Top
Post Reply

Return to “General”