Encrypting the password
78 Adaptive Server Enterprise
Encrypting the password
Entries in the libtcl.cfg file are in human-readable format. Sybase provides a
pwdcrypt utility for basic password encryption. pwdcrypt is a simple algorithm
that, when applied to keyboard input, generates an encrypted value that can be
substituted for the password.
pwdcrypt is located in
$SYBASE/$SYBASE_OCS/bin.
From the $SYBASE/$SYBASE_OCS directory, enter:
bin/pwdcrypt
Enter your password twice when prompted.
pwdcrypt generates an encrypted password. For example:
0x01312a775ab9d5c71f99f05f7712d2cded2i8d0ae1ce78868d0e8669313d1bc4c706
Copy and paste the encrypted password into the libtcl.cfg file using any
standard ASCII-text editor. Before encryption, the file entry appears as:
ldap=libsybdldap.so
ldap://seashore/dc=sybase,dc=com??one??bindname=uid=Manager,dc=sybase,
dc=com?password
Replace the password with the encrypted string:
ldap=libsybdldap.so
ldap://seashore/dc=sybase,dc=com??one??bindname=uid=Manager,dc=sybase,dc=com
0x01312a775ab9d5c71f99f05f7712d2cded2i8d0ae1ce78868d0e8669313d1bc4c706
Warning! Even if your password is encrypted, you should still protect it using
file-system security.
Performance
Performance when using an LDAP server may be slower than when using an
interfaces file because the LDAP server requires time to make a network
connection and retrieve data. Since this connection is made when Adaptive
Server is started, changes in performance will be seen at login time, if at all.
During normal system load, the delay should not be noticeable. During high
system load with many connections, especially repeated connections with short
duration, the overall performance difference of using an LDAP server versus
the traditional interfaces file might be noticeable.