Sybase password encryption in TD issue - ROUTER ENG HELP

General discussion forum about all databases other than SqlBase.
abdulmajt

Sybase password encryption in TD issue - ROUTER ENG HELP

Post by abdulmajt » 05 Oct 2010, 22:37

To: TD Router Engineers,

We need the following technical questions answered by a Router Engineer at Unify, as we have try all option given to us by Jeff and we still getting the same error message.

1. How does Gupta connects to Sybase Database. We need to get a good understanding of the end to end connectivity.
Jeff earlier mentioned sybase dlls, does it use dlls to make calls to database using Gupta functions (key works used in SQL.INI)?
2. Does it use SYBASE environment (variables) OR do we source them anywhere? If so where?
3. Is it using Sybase Open client at desktop level? If it is using sybase OpenClient then it should be reading $SYBASE/$SYBASE_OCS. But we don't see that heppening.
4. SQL.INI has following section (for SQLWindows):

[section_identifier]
keyword1=parameter1(,parameter2 ... )
keyword2=parameter1(,parameter2 ... )

keywordn=parameter1(,parameter2 ... )

Are there any key words that we can use under [sybgtwy] for encryption? like CS_SEC_ENCRYPTION OR SEC_ENCRYPTION.

Jeff Luther

Re: Sybase password encryption in TD issue - ROUTER ENG HELP

Post by Jeff Luther » 06 Oct 2010, 00:39

Well, you wrote us an email of your questions directly as well, Abdul, so we answered much of this already in the interest in providing some info. that may help others -- here is what I just responded to you via email. I had suggested you encrypt the password yourself in TD, but that apparently was not helpful as you still have these questions:
1. How does Gupta connects to Sybase Database. We need to get a good understanding of the end to end connectivity.
UNIFY: I sent you an email with the overview scheme of how TD talks to the database. Here it is again:

1) TD (or other app) connectivity calls --> 2) Unify/SYBSAL32.DLL --> 3) SYBASE client-side router/DLLs --> 4) server-side/SYBASE DB

The TD app. ‘talks’ to our own SYBSAL32 DLL, which in turns talks to the Sybase client/router DLL(s) installed on the client PC, which then communicates with the DB. 1&2 are on the Unify ‘side’ (TD app + our SYB DLL), while 3&4 are completely on the Sybase ‘side’ (client + DB).

2. Does it use SYBASE environment (variables) OR do we source them anywhere? If so where?
UNIFY: No. The TD interaction is through our SYBSAL32 DLL only.

3. Is it using Sybase Open client at desktop level? If it is using sybase OpenClient then it should be reading $SYBASE/$SYBASE_OCS. But we don't see that happening.
UNIFY: Per the engineer’s comments, we are using the Sybase DLL(s) (that ‘3)’ section above) but we don’t know if those are OpenClient DLLs or not. Presumably it is not using Sybase’s OpenClient, since you do not see that happening.

4. SQL.INI has following section (for SQLWindows):
[section_identifier]
keyword1=parameter1(,parameter2 ... )
keyword2=parameter1(,parameter2 ... )

keywordn=parameter1(,parameter2 ... )

Are there any key words that we can use under [sybgtwy] for encryption? like CS_SEC_ENCRYPTION OR SEC_ENCRYPTION.
UNIFY: As we mentioned earlier, neither TD nor SYBSAL32.DLL have implemented any Sybase encryption. So, no, there is no encryption.

As for Sybase connectivity intro. info. and the SQL.INI keywords that are supported for Sybase, click here for the online documentation: https://support.guptatechnologies.com/Do ... ybase.html.

----------------------------------------------------------------------------------------------------------------------------------------------
*** ANYONE else knows about how to implement Sybase password encryption, I am sure Abdul would like to hear from you.

jmcnamara

Re: Sybase password encryption in TD issue - ROUTER ENG HELP

Post by jmcnamara » 06 Oct 2010, 14:24

My 1st question in this discussion is what is the purpose of the encryption? Is it to keep it safe accross the Internet? If that's the case, how do you propose to encrypt it before transmission and decrypt it on arrival.

I don't know what Sybase supports, but Oracle uses SSL over a secure private port - the server and pc operating systems handle the encryption using a security key generated by Network Solutions, Verisign, Big Daddy, or some other certified certificate provider. Use of SSL secures ALL traffic between the client and the server.

If Sybase doesn't support it directly, you can probably accomplish the task by installing IIS on the server then install the cert on the server and client, then run the traffic though port 443.

Jeff Luther

Re: Sybase password encryption in TD issue - ROUTER ENG HELP

Post by Jeff Luther » 07 Oct 2010, 00:02

Yes, Jim, That's what I asked them too, and when I got the response that an encrypted p/w over the network was OK, that's when I proposed precisely the solution you had selected yourself: Encrypt the p/w on the TD/client-side and use that encrypted p/w as the user's password for the connection. I never heard back on whether they tried this or not.

jmcnamara

Re: Sybase password encryption in TD issue - ROUTER ENG HELP

Post by jmcnamara » 07 Oct 2010, 13:12

We encrypt the users password before it goes to the database, not to hide it over the network, but to keep a disgruntled employee/former employee from gaining direct access to the database.

I think we're about due exchange private e-mails about 'how's life going' :-)

Jeff Luther

Re: Sybase password encryption in TD issue - ROUTER ENG HELP

Post by Jeff Luther » 07 Oct 2010, 23:40

Yes again. I asked the customer if their goal was just to mask the plaintext p/w sent over the network, and if so, your solution of encrypting on client-side was the way to do it.

"emails" - sure!

Return to “General Discussion”

Who is online

Users browsing this forum: [Ccbot] and 0 guests