Check out Building a Data-Centric Culture at the ALMA Observatory on November 5th Read More

Using encrypted password for db connection

Level 3
Using encrypted password for db connection

Hi all,

I want to ask if there is some way to use AES encrypted password for postgresql-db connection ? Due to security concerns we don't want to export our plain text password in server.json file, which is mandatory for building an API.

The goal is to use postgresql sql query in API. But right now this is our main blockpoint.

Thanks in advance for any kind of help

1 Reply
Dataiker
Dataiker

Hi,

Password encryption is not supported on the API node.

It's important to understand that password encryption is mostly here to prevent casual mistakes, and exporting passwords through API.

Fundamentally, DSS needs to be able to actually send the raw password, so DSS has the ability to decrypt the password, which means that the decryption key is also accessible. Meaning that for users who have shell level access to the DSS node, they can get to the decrypted password