Concepts / Encryption, base64 and password agent with fglpass tool
The fglpass tool can be started as an agent to help any BDL application that requires a password to access a private key, by supplying the password without anyone having to type it. You enter the password once for each private key at agent startup; after that, any BDL application started on the same machine and with the same user name as the agent no longer has to enter the different passwords.
Of course, authentication and data encryption are performed between the BDL application and the agent to guarantee password confidentiality, and the passwords are also stored encrypted in the agent's memory.
fglpass -agent:4242 RSAKey1.pem DSAKey2.der
Enter pass phrase for RSAKey1.pem:
Followed by:
Enter pass phrase for DSAKey2.der:
Once all keys have been processed, the agent displays the following message to indicate that it is ready to serve:
Agent started
To enable a BDL application to use the password agent, set the security.global.agent entry in the FGLPROFILE file to the port number of the agent.
security.global.agent = "4242"