Encrypting Passwords
  • 13 Jun 2022
  • Dark
    Light
  • PDF

Encrypting Passwords

  • Dark
    Light
  • PDF

Article Summary

The properties.json file will likely contain passwords. As a best practice, use the rule of least privilege any time this file is managed.

  1. Set the file system permissions to user-read.

    chmod 0600 /opt/pronghorn/current/properties.json
    
  2. Change to the following directory.

    /opt/pronghorn/current/node_modules/@itential/pronghorn-core/utils
    
  3. Use the IAP encrypt tool to encrypt sensitive passwords before saving them in the properties.json file.

    $ node encrypt.js password
    Encrypted Password: $ENC93eb9439537ae34196db49409dd0261a8b87218fafd0419
    

    Note: The encrypt.js tool will respond with a string that starts with $ENC. Use this string when configuring passwords in the properties.json file.

  4. Store the entire string below in the properties.json file without exposing the password.

    "mongoProps": {
        "db": "pronghorn",
        "url": "mongodb://localhost:27017",
        "credentials": {
            "dbAuth": true,
            "user": "pronghorn",
            "passwd": "$ENC82ee8a234a69f15bdb8e05409cda2418878b2f85af"
        }
    }
    
  5. Alternatively, use the Vault Encryption feature. See the HashiCorp Vault Encryption guide to learn more.


Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.