Document Type | Technical Information
Category | Security
Document Number | TSETI004
Overview
This article guides you through setting environment variables and creating a Wallet for encrypting connection information.
SAVE CREDENTIAL is a feature in the tbSQL utility that encrypts database connection information and stores it in a Wallet file. Using this feature eliminates the need to write IDs and passwords directly in shell scripts, preventing the leakage of account information.
Method
Add Environment Variable
To use connection information encryption, a wallet environment variable is required. Tibero uses ISQL_WALLET_PATH as the wallet environment variable.
$ export ISQL_WALLET_PATH=/tibero_data/$TB_SID/wallet/wallet.dat
Registering it in the OS profile will apply it even after reboot.
Create Wallet Directory
Create the directory where the Wallet file will be stored.
$ mkdir -p /tibero_data/$TB_SID/wallet $ chmod 700 /tibero_data/$TB_SID/wallet
Create tbSQL Wallet
Connect to tbsql and create the Wallet. The Wallet stores the connected account (ID/Password) in encrypted form.
$ tbsql tbSQL 5 Copyright (c) 2008, 2009, 2011, 2012 Tibero Corporation. All rights reserved. Can't login with the wallet file. Login the database and SAVE CREDENTIAL again. Enter Username: dbuser Enter Password: dbuserpassword Connected to Tibero. SQL> SAVE CREDENTIAL Complete to generate the wallet file. SQL> exit
Check the created Wallet file.
$ ls -alt $ISQL_WALLET_PATH -rw-r--r-- 1 tibero tibero 16 Jul 17 18:12 /tibero_data/tibero/wallet/wallet.dat