Thanks for the clarification, Kevin. John Gammon Network Engineer Forked Deer Electric Cooperative, Inc./Forked Deer Connect, LLC. email: [email protected] ________________________________ From: Kea-users <[email protected]> on behalf of Kevin P. Fleming <[email protected]> Sent: Wednesday, April 20, 2022 10:52 Cc: [email protected] <[email protected]> Subject: Re: [Kea-users] JSON hiding user and password to dB...
On Wed, Apr 20, 2022 at 11:43 AM John Gammon <[email protected]<mailto:[email protected]>> wrote: Good morning, all. I am curious if there is a method to hide the uid and pwd of the user accessing the database as noted within the kea-dhcp4.conf file? I am concerning that this remain protected on our network. In general, no, secrets in configuration files cannot be protected... because encrypting them would just require that the decryption key be available to the daemon when it starts up, and thus anyone looking to harvest the secrets could also decrypt them. Unless you are willing to provide the decryption key at startup via some other (non-locally-stored) means, you'd just be adding a layer of obfuscation, not really securing the secrets. John Gammon Network Engineer Office 731-903-4282 [email protected]<mailto:%[email protected]> [fdec logo] 1135 North Church Street PO Box 67 Halls, TN 38040 www.forkeddeer.com
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/kea-users
