on 2013 Mar 08 7:54 AM
Dear all. I'm sorry if this question has already been asked before. Are user id and password are encrypted during transmission of connection attempt from a unixODBC client to server? If they are, is that asymmetric encryption scheme? What is the encryption algorithm? Does it have any relation with TLS encryption parameter ? I do really appreciate your help.
regards, hb
Sensitive connection parameters (PWD, DBKEY, NEWPWD) are sent in an encrypted block. The block is encrypted with AES using a random key that is negotiated between the client and server, and is only used once. This happens on all connections, whether the connection itself is encrypted or not.
While this is far more secure than sending the password in plain text, it's not completely bulletproof. For the highest possible security, you should use TLS encryption.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
68 | |
10 | |
10 | |
10 | |
10 | |
8 | |
8 | |
7 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.