[
https://issues.apache.org/jira/browse/SQOOP-2801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15116607#comment-15116607
]
Venkat Ranganathan commented on SQOOP-2801:
-------------------------------------------
With the password alias option available since Sqoop 1.4.6, we can use that to
store the alias and use a jks to decrypt it.
> Secure RDBMS password in Sqoop Metastore in a encrypted form
> ------------------------------------------------------------
>
> Key: SQOOP-2801
> URL: https://issues.apache.org/jira/browse/SQOOP-2801
> Project: Sqoop
> Issue Type: Improvement
> Affects Versions: 1.4.6
> Reporter: Shashank
> Assignee: Shashank
> Priority: Minor
> Fix For: 1.4.7
>
> Attachments: SQOOP-2801_0.patch
>
>
> Currently Sqoop store password in the sqoop metastore in the form of plain
> text.While running command,
> sqoop job --show <job_name> , password becomes visible as plain text.Also
> anyone can see the password in metastore db since it is visible in a plain
> text.In order to provide more security, CryptoFileLoader class is extended to
> store password in metastore in encrypted form.Sqoop will decrypt the password
> during exec job.In case of show job , the password will be visible as
> encrypted manner.User can pass any algorithm and passphrase to encrypt the
> password in a similar way as it happens in case of storing password in the
> File.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
