On Wed, Apr 20, 2022 at 11:43 AM John Gammon <[email protected]> wrote:
> Good morning, all. > > I am curious if there is a method to hide the uid and pwd of the user > accessing the database as noted within the kea-dhcp4.conf file? I am > concerning that this remain protected on our network. > > > In general, no, secrets in configuration files cannot be protected... because encrypting them would just require that the decryption key be available to the daemon when it starts up, and thus anyone looking to harvest the secrets could also decrypt them. Unless you are willing to provide the decryption key at startup via some other (non-locally-stored) means, you'd just be adding a layer of obfuscation, not really securing the secrets.
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/kea-users
