On Thu, Oct 11, 2012 at 1:32 PM, Lsilverman <[email protected]> wrote: > I notice that the agentless/.passlist file stores the credentials in plain > text!!! Is there a solution to encrypt this data and still have ossec be > able to read it? > > We don't like the idea of our device IP/hostnames and their credentials > stored in plaintext ;) > > Thanks > > Lou >
Nope, that's pretty much how it goes. I guess we could encrypt it, and have a file with the key/passphrase to decrypt it on the drive. But that would be in plain text, so we could encrypt it, and have a file with the key/passphrase to decrypt it on the drive. But that would be in plain text, so we could encrypt it, and have a file with the key/passphrase to decrypt it on the drive. But that would be in plain text, so we could encrypt it, and have a file with the key/passphrase to decrypt it on the drive. Or, someone could type the password in every time it had to be used...
