[
https://issues.apache.org/jira/browse/GUACAMOLE-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17254520#comment-17254520
]
Nick Couchman commented on GUACAMOLE-1244:
------------------------------------------
Do you have suggestions on how to do this? By definition, because this is a
configuration file, the password must be reversible; therefore, pretty much any
method which "secures" the password is really just obscuring it, making it ever
so slightly more difficult for someone to locate the value and decrypt it.
This has been requested multiple times in the past, and we've concluded that
the value for obscuring the database configuration password in the
guacamole.properties file is very low. You should make sure that the
permissions are set appropriately on the guacamole.properties file and its
containing directory (/etc/guacamole, usually), as this will provide a
reasonable level of security. In my case I run both guacd and Tomcat under a
dedicated user account, and only this account has access to that directory
(directory mode 0700, file mode 0600).
> Provide secure way to add MySQL password in guacamole configuration file
> ------------------------------------------------------------------------
>
> Key: GUACAMOLE-1244
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1244
> Project: Guacamole
> Issue Type: Improvement
> Affects Versions: 1.2.0
> Reporter: leo las
> Priority: Minor
>
> Provide secure way to add MySQL password in guacamole configuration file
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
