Skip to Main Content
Status Under Review
Categories Natural (NAT)
Created by Douglas Kelly
Created on Jul 27, 2021

Secure storage/retrieval of passwords such as EXX passwords

Currently, calling secured EntireX services requires calling RPC-CNTX or USR2071N/USR2702N/USR2074N/etc to pass in a user id and password. There's no provision for providing anything other than a clear text password, so it ends up in clear text in the calling program and/or invocation (e.g. USR2072P).

Please provide a means to store and retrieve passwords in a secure manner. Or, better yet, provide interface to allow secure tokens to be used.

Use Case Improved security of credentials.
Created on Brainstorm 07/26/2021 03:04 PM
Brainstorm ID 9308
  • Douglas Kelly
    Reply
    |
    Jul 28, 2023

    Could an etbnattr encrypted password be passed to RPC-CNTX/USR2072/etc?

1 MERGED

provide API for EntireX passwords that accepts encrypted value

Merged
Currently USR2072N is called to send in an EntireX Security password, but USR2072N only accepts a clear text password, which makes it difficult to hide. If there was an API that could send in the encrypted form (e.g. as encrypted by etbnattr) it w...
Douglas Kelly 7 months ago in Natural for Linux and Cloud / Security 1 Under Review