Showing results for 
Search instead for 
Did you mean: 

SWA: protect the user and pw text?

Bill Hassell
Honored Contributor

SWA: protect the user and pw text?

Since the ITRC user ID and password are currently required to be in plain text format on the command line or in the swa.conf file, can you add code to enforce read only by root for the file (chmod 600) and 700 permissions for $HOME/.swa directory? Adding an interactive ID/pw check is OK for a few systems but for dozens of systems and automated analysis, this is too cumbersome. The permission controls are similar to .ssh files.

Bill Hassell, sysadmin
Patrick Wallek
Honored Contributor

Re: SWA: protect the user and pw text?

If passwords are going to be stored plain-text, the file definitely needs protection. However, there should be some mechanism for hashing the password and storing the hash instead.

For an idea in that realm, see my last comment here: