jQuery in Action, 2nd edition*
The moose likes Security and the fly likes How to avoid storing rsa passphrase Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "How to avoid storing rsa passphrase" Watch "How to avoid storing rsa passphrase" New topic

How to avoid storing rsa passphrase

Justin Chu
Ranch Hand

Joined: Apr 19, 2002
Posts: 209
I'm writing a program that is executed by cron throughout the day.

It has to use a RSA identity file to connect to another server (using jcraft's jsch). If I perform the procedure by hand on the command line, it involves entering a passphrase to decrypt the private key.

What is a secure solution that does not involve coding the passphrase somewhere in the code?

An idea I have is just to store the identity file unencrypted, and make sure that the file has its permission set securely.
I agree. Here's the link: http://aspose.com/file-tools
subject: How to avoid storing rsa passphrase
Similar Threads
Jsch Passphrase Query
SSH-FTP using J2SSH api - Authentication issue!
Websphere deployment
Jar signer
what is identity in object