Enabling password encryption in the Management Console is a prerequisite
for enabling password encryption in all other components:
- Redundant Management Consoles require export of the password key
from the first Management Console to be included in their bfpwcrypt.conf files.
All Management Consoles must use the same key. Typically they must
also use the key to encrypt the database password.
- Agents require the export of a password key if the engine is sending
encrypted passwords to it. Both the engine and the agent should use
the same key. The key exported from the Management Console allows
them to decrypt encrypted Server Auth passwords.
If the agent is
not receiving encrypted passwords, but needs to generate encrypted
passwords for use in its BFAgent.conf file, then
each agent should use a different password key. Generate each key
individually from the Management Console.
To enable password encryption in the Management Console, do the
following:
- In the console, go to .
- Set Password Encryption Enabled to Yes.
- Click Save. This step saves the configuration
in the Build Forge database.
- Click Update Master BFClient.conf. This
step saves the configuration in the Build Forge bfclient.conf file.
- Restart Build Forge. This step is required so that the running
Build Forge process uses the new settings in the bfclient.conf file.
When Password Encryption Enabled is Yes
and in the configuration, you are able to do the following:
- Export the password key to a file
- Generate new password keys
- Run the bfpwencrypt and bfagent commands
to create encrypted passwords for inclusion in the console and agent
configuration files