Try OpenEdge Now
skip to main content
New Information
OpenEdge SQL
 

OpenEdge SQL

The OpenEdge Release 11.7.3 Service Pack includes the following update for OpenEdge SQL:

Securely specifying a password in SQL Explorer

The purpose of SQL Explorer password security is to find a safe and secure way to provide password security.
While using SQL Explorer, the password is specified using the -password option which is in clear text and is visible. SQL Explorer password security helps in blocking this security breach. Using this feature, the password value cannot be viewed by UNIX operating system tools like ps and any other Windows equivalents.
For SQL Explorer password security, the options are (in the sequence of most secured to least):
*Prompt for password — Previously, the -password option of SQL Explorer was mandatory when it was used along with -user option. Now this is optional. The SQL Explorer utility prompts for password when it is not provided in the command line. While typing, the password is neither visible in the console and nor viewed by any operating system utility.
*Using sqlexp in batch mode — SQL user can redirect the output of echo / cat commands to sqlexp via ‘pipe’ (‘|’). This option is less secure than the one above.
*Using genpassword utility — This option is for those who want to use the command line to provide the password. Use the genpassword utility to generate an encrypted password instead of using the actual password. Then use the encrypted password in the SQL Explorer tool.
If the password is test for user userA then use the genpassword utility to get an OECH1 encrypted password for test, as shown:
genpassword -password test
encrypted-password
You can take the encrypted-password output from the genpassword utility and prefix with oech1::, and supply that to -password option of sqlexp.
For more information on the genpassword utility, see OpenEdge Getting Started: Installation and Configuration.