Storing security artifacts in stand-alone environments

Protect secure passwords to prevent access from unauthorized users.

About this task

The FilePasswordEncoder utility is included with WebSphere® eXtreme Scale Client to encode passwords in eXtreme Scale configuration files. The FilePasswordEncoder utility encodes passwords; however, it is possible to recover the passwords that are used to access the file. Therefore, you must protect the file system on which the client properties, the server properties, and the keystores and truststores are kept, so that only authorized users have access.

Procedure

Run the FilePasswordEncoder.bat|sh command to encode this property using an exclusive or (xor) algorithm.to provide a measure of protection for passwords.

Run the FilePasswordEncoder utility on the client.properties file and the server.properties file; for example:

./FilePasswordEncoder.sh <server properties file>
./FilePasswordEncoder.sh <client properties file>

A sophisticated user can recover encoded passwords. These passwords are not encrypted because the eXtreme Scale code must be able to recover them to run. Therefore, ensure that only authorized persons can access the files where these passwords are stored.

What to do next

Starting secure servers in a stand-alone environment