Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Re: Secure ways to use DBI?

by zengargoyle (Deacon)
on Apr 17, 2003 at 03:21 UTC ( #251116=note: print w/replies, xml ) Need Help??

in reply to Secure ways to use DBI?

use a better authentication method.

i'm using PostgreSQL with KerberosV5 authentication.

package KrbKey; use base 'Class::DBI'; __PACKAGE__->set_db('Main', 'dbi:Pg:dbname=krbkey;host=dbserver.sub.dom' # no user/password ); __PACKAGE__->table('krpass'); __PACKAGE__->columns(All => qw( passkey passval )); 1; #!/usr/bin/perl use strict; use warnings; use KrbKey; sub lookup { my $key = shift; my $pw = KrbKey->retrieve($key); return $pw->passval; } if (@ARGV) { my @pw = map {lookup($_)} @ARGV; print join $/, @pw, ''; } else { print join $/, map({$_->id} KrbKey->retrieve_all), ''; }

without a valid principal...

$ getpw Failure while doing '' with '_filter_retrieve_all in KrbKey' Ima::DBI->connect(dbname=krbkey;host=dbserver.sub.dom) failed: Kerbero +s 5 authentication failed at /opt/network/bin/getpw line 17 at /opt/network/bin/getpw line 17

and with...

$ kinit Password for me@SUB.DOM: $ getpw cisco.console cisco.enable

there's also the possibility of using SSL and Certificates for authentication (i think even MySQL can do SSL auth)

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://251116]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (4)
As of 2022-05-27 21:28 GMT
Find Nodes?
    Voting Booth?
    Do you prefer to work remotely?

    Results (98 votes). Check out past polls.