Symantec Access Management

Expand all | Collapse all

smreghost password encryption

Jump to Best Answer
  • 1.  smreghost password encryption

    Broadcom Employee
    Posted 07-19-2018 10:56 AM

    I'm working with a customer who would like the username/password supplied to the smreghost command on a Linux policy server to be encrypted rather than plain text.  Is there a technique to accomplish this?



  • 2.  Re: smreghost password encryption
    Best Answer

    Posted 07-19-2018 11:12 AM

    Rich Rich_Faust

     

    -u    <Administrator username>   has to typed alongside the command.

     

    -p    <Administrator password>   I think if we do not specify -p   OR  if we specify -p <BLANK>; then I vaguely remember that the tool prompts the user to enter on execution of the smreghost command. This is a much secure way that having to type the password in clear alongside the command.  Test this and let know.

     

    At the moment there is no option to externally provide the creds in a secure manner (Encrypted) to smreghost. This I believe is pretty much the same practice for all tools with the product i.e. XPSRegClient etc. I think we are piggybacking off the fact that if someone hacked the server, then pretty much has access to everything. Thus we are relying on the security and audit trail surrounding the SSH / Server.

     

    I think an ER would be appropriate to request the functionality being sought. 



  • 3.  Re: smreghost password encryption

    Broadcom Employee
    Posted 07-19-2018 11:29 AM

    Thanks, Hubert.  You're right about the tool prompting for password if not supplied.  Your response is pretty much what I expected, but I thought I would ask :-)