jhb Posted December 27, 2006 Report Share Posted December 27, 2006 Hi, I can see myself recommending this to my customers esp. the cool real time monitoring type gadgets. The only concern I have is that the ps1 scripts the users run have exposed the database connection strings. Has anyone architected a way round this? eg encryption or something? Cheers, John Quote Link to comment Share on other sites More sharing options...
JuanC Posted December 27, 2006 Report Share Posted December 27, 2006 I am assuming that by "exposed the database connection strings" you are talking about the user and password info. When you are using invoke-sql we support 2 scenarios where this information is securely handled a) Using Windows Authentication: by using your windows credentials your PS1 will contain no user information and you will not get any additional prompts. Using the -credential parameter: Support for this feature was added recently and allows you to specify only the user name with the powershell standard credential handling taking care of prompting for the password. Using this approach will result in an additional prompt for a password but will keep your information confidential. Note that we could provide a tool to encrypt the connection string but we feel this will give users a false sense of security. In order to decrypt it on any machine we would have to include the private key in our exe so it would be just a matter of time before somebody exposes it and renders this encryption useless. So if you are coming from the powershell approach we offer 2 secure ways where your password is not compromised. Still there are probably millions of users who stay away from Windows Authentication and reuse a common security credential for all clients. These users can hardcode the password in the PS1 and as long as they keep the PS1 files in a secure location this approach will not expose anything they are not already exposing with the single-credential client app. Note also that if you are running PS1 scripts, Powershell supports digitally signing those strings to protect you from running scripts from an untrusted source but it does not support encrypting the scripts to protect the information in them. To summarize we are trying to strike a balance between security and usability and we are hoping we expose this clearly to our customers, most of what I described here also applies to gadgets created using the PowerGadgets creator. If you have any suggestions on how we can improve please let us know. JuanC Quote Link to comment Share on other sites More sharing options...
marco.shaw Posted December 27, 2006 Report Share Posted December 27, 2006 Check this guy's Nov 4th blog entry (he also has a link to Lee Holmes blog, but not directly to a particular entry): http://abhishek225.spaces.live.com/ JuanC provides a lot of valuable information. Other possibilities are using a read-only account as a final resort. If the account does get compromised, one will be very limited in any damage that might be done. Quote Link to comment Share on other sites More sharing options...
jhb Posted December 27, 2006 Author Report Share Posted December 27, 2006 Thanks guys for your full answers! Cheers, John Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.