You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sqoop.apache.org by "Jarek Jarcec Cecho (JIRA)" <ji...@apache.org> on 2016/01/25 22:59:39 UTC
[jira] [Commented] (SQOOP-2801) Secure RDBMS password in Sqoop
Metastore in a encrypted form
[ https://issues.apache.org/jira/browse/SQOOP-2801?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15116155#comment-15116155 ]
Jarek Jarcec Cecho commented on SQOOP-2801:
-------------------------------------------
I thought that we will never store the password in the repository unless explicitly allowed via [{{sqoop.metastore.client.record.password}}|https://github.com/apache/sqoop/blob/trunk/conf/sqoop-site-template.xml#L116] and if users do indeed secure way to store password, then using {{\-\-pasword\-file}} instead of {{\-\-password}} is recommended. Wondering if you are aware of those options [~standon]?
> Secure RDBMS password in Sqoop Metastore in a encrypted form
> ------------------------------------------------------------
>
> Key: SQOOP-2801
> URL: https://issues.apache.org/jira/browse/SQOOP-2801
> Project: Sqoop
> Issue Type: Improvement
> Affects Versions: 1.4.6
> Reporter: Shashank
> Assignee: Shashank
> Priority: Minor
> Fix For: 1.4.7
>
> Attachments: SQOOP-2801_0.patch
>
>
> Currently Sqoop store password in the sqoop metastore in the form of plain text.While running command,
> sqoop job --show <job_name> , password becomes visible as plain text.Also anyone can see the password in metastore db since it is visible in a plain text.In order to provide more security, CryptoFileLoader class is extended to store password in metastore in encrypted form.Sqoop will decrypt the password during exec job.In case of show job , the password will be visible as encrypted manner.User can pass any algorithm and passphrase to encrypt the password in a similar way as it happens in case of storing password in the File.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)