Background: I am working on an application (for a school project) that will essentially become a network asset management and remediation tool. It will scan the network for devices, gather information about them and do some other things not relevant to the question. One feature it would have is allowing the user to provide login credentials for the various networking devices so that the application can then login to those devices so it may gather more information, and later on, allow for changes to be made.
My Question: How am I able to securely store those provided credentials. Currently the back-end will consist of a PostgreSQL database (which will contain the scan data) but I am not sure if it is safe to store them there or how I am supposed to approach the problem of storing them securely so that they may be used later on.
P.S.: Let me know if you need any additional info, I am new to using stack overflow so I am not sure if I have provided enough detail. Thank you.
https://www.postgresql.org/docs/current/static/pgcrypto.html docs are pretty concrete with examples. Create extension once per db:
t=# create extension pgcrypto;
CREATE EXTENSION
Let's say password is Ирландия
, then using random salt:
t=# select crypt('Ирландия', gen_salt('md5'));
crypt
------------------------------------
$1$gMymr.0W$axxTHvfmsNRDkepNAMNsT1
(1 row)
or:
t=# select crypt('Ирландия', gen_salt('md5'));
crypt
------------------------------------
$1$wjJDa4Np$M7XqQIrgnfpAf.CLtrpkv1
(1 row)
different results each time, so take ANY of those to check if password is right, eg:
t=# select crypt('Ирландия', '$1$gMymr.0W$axxTHvfmsNRDkepNAMNsT1') = '$1$gMymr.0W$axxTHvfmsNRDkepNAMNsT1' as match;
match
-------
t
(1 row)
and wrong:
t=# select crypt('ИрландияNOT', '$1$gMymr.0W$axxTHvfmsNRDkepNAMNsT1') = '$1$gMymr.0W$axxTHvfmsNRDkepNAMNsT1' as match;
match
-------
f
(1 row)
the arguments for above functions are in section F.26.2. Password Hashing Functions
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments