Is there a way to hash the password for the stash database password? I was looking up how to change the password here: https://confluence.atlassian.com/display/STASH029/How+do+I+change+the+external+database+passwordand I realized our external database password was being stored in plaintext. Is this going to be changed in the future? I know we can chmod 700 on the directories so that only the jira service account can see the files, but our security team isn't happy that our possible production database password can be seen.
I'm curious how Stash would be able to connect to the database with a hashed password? The best you can do is encode it somehow, but anyone that gains access to the file will most likely be able to decode it again.
I'm assuming the password is for a Stash specific user in the database, that doesn't have access to anything else.
In any case I'm afraid we don't support non-plaintext passwords currently. chmoding the file is a good idea. Feel free to raise a feature request if you like.
There's an interesting discussion on the similar Confluence ticket if you're curious:
Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs