Encrypting passwords in buildforge.conf and bfagent.conf

Use an exported password key to build encrypted passwords for use in buildforge.conf and bfagent.conf.

The buildforge.conf file contains a username and password (db_password) that Build Forge uses to access the database. That password is normally encoded but can be encrypted. To encrypt a password for the Management Console, do the following:

  1. Go to the Management Console root directory.
    • Windows: <bfinstall>
    • UNIX or Linux: <bfinstall>/Platform
  2. Run the following command:
    bfpwencrypt -e password

    Use the plain-text password you want to encrypt for password.

    The encrypted password is sent to stdout.

The bfagent.conf file contains the password key (ssl_key_password) that the agent uses to access the keystore. That password is normally clear text but can be encrypted. To encrypt a password for the agent, do the following:

  1. Go to the agent root directory.
  2. Run the following command:
    bfagent -e password

    Use the plain-text password you want to encrypt for password.

    The encrypted password is sent to stdout.
    Note: If you are using AIX and your GCC library is not in /lib or /usr/lib, you might get an error indicating "Cannot load module /usr/local/bin/bfcrypt.dll." You can address this issue by updating inetd.conf.

    To correct the error, do the following:

    1. Find the following line:
      bfagent stream tcp nowait root /usr/local/bin/bfagent bfagent
    2. Change the line to the following line:
      bfagent stream tcp nowait root /usr/bin/env env LIBPATH=path /usr/local/bin/bfagent
      The path is the location of your GCC library.
    3. Reload inetd.conf with the command refresh -s inetd.

An encrypted password starts with the string bfcrypt: and the password key alias enclosed in braces, followed by the password, which is encrypted (AES 128 bit) and then encoded (Base63). Examples of encoded and encrypted passwords:


Encoded:
dd8b42eed5cc051500f5bffe2b82b1aa6a67baee028a85d0cefa

Encrypted:
{bfcrypt:7427ab360c4010008f9d000049664966}drAIT1zLDGX/xRcvw65+B8aFpTqvmAdbmnh6FpwkHjU=


Feedback