aspose file tools*
The moose likes Security and the fly likes How to avoid storing rsa passphrase Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "How to avoid storing rsa passphrase" Watch "How to avoid storing rsa passphrase" New topic

How to avoid storing rsa passphrase

Justin Chu
Ranch Hand

Joined: Apr 19, 2002
Posts: 209
I'm writing a program that is executed by cron throughout the day.

It has to use a RSA identity file to connect to another server (using jcraft's jsch). If I perform the procedure by hand on the command line, it involves entering a passphrase to decrypt the private key.

What is a secure solution that does not involve coding the passphrase somewhere in the code?

An idea I have is just to store the identity file unencrypted, and make sure that the file has its permission set securely.
I agree. Here's the link:
subject: How to avoid storing rsa passphrase
Similar Threads
what is identity in object
Jsch Passphrase Query
Websphere deployment
Jar signer
SSH-FTP using J2SSH api - Authentication issue!