Page 1 of 2 12 LastLast
Results 1 to 15 of 21
  1. #1
    Join Date
    Dec 2011
    Posts
    9

    Unanswered: hide DB2 password in the ps -ef command while executing the script

    Hi,

    I need to hide the db2 password

    db2 -tx +p <<EOF1

    connect to ${DBALIAS} user ${user} using ${pwd};
    In the above scenario, any one can see the password by giving ps -ef while its running or in the log.

    So I want a best possible way to hide this.

    Ur help is highly appreciated

  2. #2
    Join Date
    Jan 2003
    Posts
    4,292
    Provided Answers: 5
    Is this a script or interactive session?

    Andy

  3. #3
    Join Date
    Dec 2011
    Posts
    9

    hide DB2 password in the ps -ef command while executing the script

    This is script
    which will run automatically thru cron or Tivoli Manager

    Please help me to overcome this

  4. #4
    Join Date
    Jan 2003
    Posts
    4,292
    Provided Answers: 5
    Let me get this straight. You have a script that has the password in it unencrypted where anyone can read it, and you are worried that they will get a glimpse of it with ps. I think you need to figure a different way.

    Andy

  5. #5
    Join Date
    Dec 2011
    Posts
    9
    Yes... but i dont have any idea of the different way....

  6. #6
    Join Date
    Jan 2003
    Posts
    4,292
    Provided Answers: 5
    Is the script running on the DB2 server? Which user is running the script?

    Andy

  7. #7
    Join Date
    Dec 2011
    Posts
    9

    hide DB2 password in the ps -ef command while executing the script

    the script is running on AIX 6.1 Version. And DB2 sits on AIX

    The script is scheduled in Tivoli. The script is having 777 permission.
    Last edited by db2_unix_help; 12-08-11 at 12:40.

  8. #8
    Join Date
    Jan 2003
    Posts
    4,292
    Provided Answers: 5
    Which user is running the script?

    Andy

  9. #9
    Join Date
    Dec 2011
    Posts
    9

    hide DB2 password in the ps -ef command while executing the script

    Batch user.

    The scripts will be running in batch mode

  10. #10
    Join Date
    Jan 2003
    Posts
    4,292
    Provided Answers: 5
    Since you are running the script on the server where DB2 resides, it may be possible to not use a password at all. I do not know AIX, but this works on linux. Just make sure that the DB2 environment is set up for the user.

    Andy

  11. #11
    Join Date
    Dec 2011
    Posts
    9

    hide DB2 password in the ps -ef command while executing the script

    Hi Andy,

    can you give me an example....

    because in my case its not working without password.

  12. #12
    Join Date
    Jan 2003
    Posts
    4,292
    Provided Answers: 5
    Try doing this:

    1) open a terminal session on the server as the Batch User
    2) Issue "connect to DBALIAS"

    What happens?

    Andy

  13. #13
    Join Date
    Sep 2008
    Location
    Toronto,Canada
    Posts
    655
    Basically there may not be any feasible solution as long as you set permission to 777. Only thing seems possible not to use any password. The job runs local, you do not have to provide a password as Andy said.

    However if you are able to set permissions to 700, which should be possible in most cases, .psec file method is most appropriate to connect to databases, even on remote server.

    As long as you are on trusted domain, db2 should not require any password.

    Regards

  14. #14
    Join Date
    Nov 2011
    Location
    Shen Zhen,China
    Posts
    37
    1 if the AUTHENTICATION set as SERVER or SERVER_ENCRYPT
    # db2 get dbm cfg|grep AUTHENTICATION
    Database manager authentication (AUTHENTICATION) = SERVER_ENCRYPT

    then there is no need set the password in the connect line

    2 generate RSA Public and Private keys for SCP,SSH,script between the servers

    3 Alternatively,
    connect to ${DBALIAS} user ${user} using `cat /some/dir/passwd_file`;

  15. #15
    Join Date
    Dec 2011
    Posts
    9
    Hi Andy/DB Finder,

    I'm getting the below error message while trying to connect

    $ db2 connect to <dbalias>
    SQL30082N Security processing failed with reason "3" ("PASSWORD MISSING").
    SQLSTATE=08001


    Hi wolaos123,

    I'm getting the below error message while trying to connect from the prompt without specifying the pwd.

    $ db2 connect to <dbalias>
    SQL30082N Security processing failed with reason "3" ("PASSWORD MISSING").
    SQLSTATE=08001

    <user>@<server>:<path> >
    $ db2 get dbm cfg|grep AUTHENTICATION
    Database manager authentication (AUTHENTICATION) = SERVER_ENCRYPT

    Please give me an example for RSA Authentication.
    Please help me on this.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •