Encryption of passwords in teamserver.properties
Hi all
The teamserver.properties file contains a database user password. What technique/method is used to encrypt this password? The security team at my customer wants to know. thanks anthony |
Accepted answer
Hi,
The original password is passed through a Data Encryption Standard (DES) algorithm and is then passed through a base64 algorithm before being written to the teamserver.properties file.
- Kunal
Ralph Schoon selected this answer as the correct answer
|
4 other answers
Hi all Can someone answer this: We don't necessarily need to know the encryption/encoding method because it would be unsafe to publish that information; however, This would be extremely helpful because we have to change passwords every 90 days. It is easier to edit the teamserver.properties file rather than change passwords in the UI. After editing passwords (in the clear) in the teamserver.properties file, we would like to run a command line tool to encode the passwords. Thanks. |
If you install the Jazz build engine toolkit, then the jbe executable can be used to encode a password. The jbe uses the same encoding which is valid for the teamserver.properties file.
From RTC Help:
2. Type j 3. When prompted, type the password. The password is encrypted and stored in a pass.txt file that is located in the Build System Toolkit installation directory. Then...
2. Enclose the value in square brackets . 3. And finally add an escape (backward slash) before each trailing =. For example == becomes \=\=. Works for me! Comments
Mallikarjuna Manoj Kandala
commented Jul 31, 3:25 a.m.
We tried this method, and it is not working for us.
Do not comment on 12 year old answers.
Also see the guidelines: https://jazz.net/forum-guidelines.jsp |
Approach 2 to change the userid/password after expiry: 1. Try opening publicURI/jts/setup & publicURI/ccm/setup and skip to the step number by overtyping the step number on URL and give the userid and password > Test connection > Next to save the setting. 2. Logon to publicURI/jts/admin & publicURI/ccm/admin > Server > Advanced properties > edit userid and password for dataWareHouse and save the settings. Note: when we try the URL we might get 400, refresh a couple of times and we landed on the login page. |
I am attempting to script the silent installation of Jazz with DB2 and I need a scriptable way to store the proper password string into the teamserver.properties files. The jbe utility isn't available and running the Setup UI to collect its generated teamserver.properties files isn't an option.
Because those DB2 passwords should match the Unix login passwords for the selected DB2 user accounts, these teamserver.properties SHOULD store strings constructed using the MD5 algorithm. The values could be generated using the openssl tool:
> openssl passwd -1 db2inst1
(Windows servers would need values generated according to however Windows encrypts its passwords.)
Comments
Donald Nong
commented Sep 01 '16, 9:19 p.m.
Just curious, why did you say teamserver.properties should store an MD5 string?
Lonnie VanZandt
commented Sep 01 '16, 10:06 p.m.
Well, currently, it seems to accept either plaintext (when used as an input before the repotools_jts setup operation) or a custom-encrypted value (when stored as a runtime parameter after the setup operation).
Ideally, it would never appear in plaintext and it would be conveniently stored as the same value as is used for the user account -- because DB2 uses the underlying OS login authentication for its password management.
Now, Unix systems use that MD5 Algorithm 1 as their crypt algorithm for user accounts.
Together these imply that the value in the properties file for the password would be the MD5 string I suggested.
If not, where did I make a mistake in my reasoning?
Donald Nong
commented Sep 09 '16, 2:09 a.m.
Oracle password does not rely on the OS, and yet, its encrypted form is stored in teamserver.properties file. How do you deduce this?
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.