You can translate the question and the replies:

Encrypting passwords that are stored in the .properties files

Hello, How can I manually encrypt the passwords that are in the properties files? I ask because I'm managing my own properties files outside of Denodo and I wanted to use the encrypted password instead of the plain text password. I wanted to do this without having to type the password into the VDPAdmin tool and then do an export. If there is no way to do this, I suppose I could write my own utility to do it: 1) Create a new virtual database 2) Create a data source with the unencrypted password 3) Export that virtual database to a .vql file and a .properties file 4) Read the .properties file and extract out the encrypted password. 5) Drop the database since we don't need it anymore. This seems like a lot of work just to encrypt the password, but I'm not sure how else you'd do it without a separate utility to encrypt the password. Thank you~! Keywords encrypt password
17-09-2014 17:53:15 -0400

9 Answers

Hi, I want to let you know that a new VQL command will be available for doing that (convert plain-text into an encrypted password) in future releases. I cannot be more time specific at this moment but it is in the roadmap.
Denodo Team
19-09-2014 06:56:07 -0400
Hi, please check if the script (encrypt_password.bat) available in your Denodo Platform folder.(e.g. \Denodo Platform\tools\db\denodo-db-tools\bin\encrypt_password.bat) covers your needs. Let us know if this is what you were looking for Thanks!
Denodo Team
23-09-2014 15:42:52 -0400
Hello, Thank you for the response. That encrypt_password executable is for encrypting the password that is used in the export/import scripts, not for the data source properties. It would be wonderful if it worked for both, but it doesn't :-) . Thank you~!
26-09-2014 10:18:58 -0400
This is done in Denodo 5.5 June 2015 update: Added enhancement #11098. A new predefined stored procedure has been added for encrypting passwords. You can use it by running the following: Tools > VQL Shell > Run this: encrypt_password 'mypass' You can also run this via JDBC. Note: this utility does not escape colons or equals signs... so if you are going to paste the password into your .properties, you need to replace the equals and colons ( = and : )
12-02-2016 12:11:20 -0500
You can now run: <denodo_install>\bin\encrypt_password.bat 'yourpassword123' Encrypted Password: Mxp7BF1lpGEqCMC7Uer35OrHiiyn2PNSjM/fc2ntby8=
Denodo Team
02-05-2018 13:32:49 -0400
Hello Team, We did some research on this here is the way you can encrypt your password through Denodo Vql shell. Tools > VQL Shell > Run this: ENCRYPT_PASSWORD 'test_user'; Thanks, Hardik
28-03-2019 17:12:17 -0400
I wanted to clarify when to use the VQL `ENCRYPT_PASSWORD ‘plain_password’;` and when the script ` <denodo_install>\bin\encrypt_password.bat ‘your_password’` Both encryption tools are used for different purposes (and they use different keys for encryption, so they cannot be used interchangeably): * **encrypt_password.bat/.sh script**: used by db-tools scripts (e.g. import/export/ping/denodo_monitor scripts) for encrypting the password of the user configured to connect to the Denodo Server. * **ENCRYPT_PASSWORD VQL statement**: used for encrypting the password in the format used by the property files generated when exporting the data sources created in Denodo to a VQL file and in the VDP Administration Tool's import dialog . Hope this helps!
Denodo Team
01-04-2019 07:17:20 -0400
@Denodo Support can you add some background to both ways of encrypting passwords. What is the used algoritm in both cases? Is this PBEWithMD5AndDES or is this only for the ENCRYPT function (part of the DenodoXtr add-on). Why is the encryptpassword.bat every time I invoke the function giving a different output for the same input string? For example encryptpassword mypassword123 SWk5SEnqy60e5QY064SGcOfHJZKliPEm encryptpassword mypassword123 bZB3od0qamzv2QFieUDFBz3H281JRH4E*
12-06-2019 05:51:07 -0400
Hi, I believe the encryptpassword.bat/sh uses random salt hash mechanism which generates unique values every time it is used. So, even if I pass the same text to the encryption adds random salt values to give different output. This is normal and good security approach. I am sure that the algorithm or internal encryption used in Denodo Platform would be proprietary information. So, the details regarding the same would not be accessible in open forum. Hope this helps!
Denodo Team
25-06-2019 07:05:26 -0400
You must sign in to add an answer. If you do not have an account, you can register here