Is there a way to hash the password for the stash database password? I was looking up how to change the password here: https://confluence.atlassian.com/display/STASH029/How+do+I+change+the+external+database+passwordand I realized our external database password was being stored in plaintext. Is this going to be changed in the future? I know we can chmod 700 on the directories so that only the jira service account can see the files, but our security team isn't happy that our possible production database password can be seen.
Hi Jen,
I'm curious how Stash would be able to connect to the database with a hashed password? The best you can do is encode it somehow, but anyone that gains access to the file will most likely be able to decode it again.
I'm assuming the password is for a Stash specific user in the database, that doesn't have access to anything else.
In any case I'm afraid we don't support non-plaintext passwords currently. chmoding the file is a good idea. Feel free to raise a feature request if you like.
Charles
There's an interesting discussion on the similar Confluence ticket if you're curious:
https://jira.atlassian.com/browse/CONF-2146?focusedCommentId=109423&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-109423
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Charles,
Thank you for linking that ticket. That is exactly the issue I was concerned with. I have set permissions on the folder for access by the stash admin for now. I'll make sure to keep track to that ticket to see where it is going.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.