DB2 Connect Encrypt Password

Hi All,

If someone can help me with password encryption. We have shell scripts that connect to a database using db2 connect and we have the password hardcoded in the script.

Can someone let me know if there's a way to encrypt this password?

I've seen alot of users suggest we create an environmental variable in another file with very limited rights but unfortunately we are not the root users on this box and the root users will still have access to that box.

Thanks

It's useless to encrypt a password if you can't keep it encrypted. The instant you decrypt it again, it's vulnerable. Including the decryption method in the script just makes it sillier -- they can see exactly what you did and duplicate it. For that matter, they might not even need your password to get into your db2 database, since they're root.

You can't protect anything from root. They can even get into /etc/shadow.

They are the root of our UNIX servers not our database admins. So that is what I am asking if anyone knows a way to have encrypted on the UNIX server and have the db2 connect decrypt it when it tries to connect.

The db2 server is on a different machine, then?

---------- Post updated at 10:28 AM ---------- Previous update was at 10:22 AM ----------

Moot point, I think. You can't prevent root from examining what your script is doing and perfectly duplicating it. You can't protect anything from root. A system where you need to try to do so is a pretty messed up security model.