Creating a password file for connecting to database servers on untrusted networks

If a client, Connection Manager, or any of the database servers that a Connection Manager connects to are on an untrusted network, you can create encrypted password files to verify connection requests.

About this task

In certain situations, an encrypted password file is required for trusted network environments, such as when a local system account attempts to connect to a database server in a high-availability cluster or Enterprise Replication domain, or when the user ID does not exist on a database server. The password file provides the correct system-level access, so that a local system account or a Windows account can connect directly to a remote server.

The password file has separate entries for the following items:
  • Each Enterprise Replication group
  • Each High-availability cluster group
  • Each High-availability cluster server
  • Each Enterprise Replication server that is in a group that is also configured for high-availability
  • Each database server's alternative server alias, if the database server is using a secure port for communication
A password file entry contains the following information:
  • The name of an alternative server to connect to if a connection cannot be made to the listed server or group. For example, alternative_server_name is used when server_or_group_name uses a secure port, as specified by the s=6 option in an sqlhosts file entry.
  • The user ID for a database server or the database servers in a group. User IDs must have the following privileges:
    • Permission to connect to the sysadmin database
    • CONNECT permission on the remote servers
    • On UNIX operating systems, membership in the group informix DBSA group
    • On Windows operating systems, membership in the Informix-Admin DBSA group
    Only user informix has all of these privileges by default
  • The password for a server

Procedure

  1. On a Connection Manager host, use a text editor to create an ASCII text file to be used as a password file. Save the file to the $INFORMIXDIR/tmp directory.
    If you have a high-availability replication system, your password file contains password information for replication servers and cluster servers.
    Note: The password file must not contain comments.
    The replication-server entries of the password file have the following format:
    group_name             database_server_alias  user_name  database_server_password
    database_server_name   database_server_alias  user_name  database_server_password
    database_server_alias  database_server_alias  user_name  database_server_password
    For example:
    group_1   unsecure_server_alias_1  user_1  password_1
    server_1  unsecure_server_alias_1  user_1  password_1
    alias_1   unsecure_server_alias_1  user_1  password_1
    
    group_2   unsecure_server_alias_2  user_2  password_2
    server_2  unsecure_server_alias_2  user_2  password_2
    alias_2   unsecure_server_alias_2  user_2  password_2
    
    group_n   unsecure_server_alias_n  user_n  password_n
    server_n  unsecure_server_alias_n  user_n  password_n
    alias_n   unsecure_server_alias_n  user_n  password_n
    
    The cluster-server entries of the password file have the following format:
    alias_group_name  db_server_alias  user_name  db_server_password
    
    db_server_name    db_server_alias  user_name  db_server_password
    For example:
    alias_group_1  unsecure_alias_1  user_1  password_1
    alias_group_1  unsecure_alias_2  user_2  password_2
    alias_group_1  unsecure_alias_n  user_n  password_n
    
    alias_group_2  unsecure_alias_1  user_1  password_1
    alias_group_2  unsecure_alias_2  user_2  password_2
    alias_group_2  unsecure_alias_n  user_n  password_n
    
    alias_group_n  unsecure_alias_1  user_1  password_1
    alias_group_n  unsecure_alias_2  user_2  password_2
    alias_group_n  unsecure_alias_n  user_n  password_n
    
    server_1       unsecure_alias_1  user_1  password_1
    server_2       unsecure_alias_2  user_2  password_2
    server_n       unsecure_alias_n  user_n  password_n
  2. Encrypt the password file with the onpassword utility and an encryption key.
    For example, if your password file is $INFORMIXDIR/tmp/my_passwords.txt, and the encryption key you want to use is my_secret_encryption_key_efgh, run the following command:
    onpassword -k my_secret_encryption_key_efgh -e my_passwords.txt

    This example creates the encrypted passwd_file file in the $INFORMIXDIR/etc directory.

    To later decrypt the password file, you must enter the same key that was used to encrypt the password file. If you lose the encryption key that was used to encrypt a password file, re-encrypt the original ASCII text password file. If the ASCII text password file was deleted, you must create a new one.
  3. Distribute $INFORMIXDIR/etc/passwd_file to all the database servers that Connection Managers or the cdr utility connects to, and to all Connection Managers.
    Note: An encrypted password file that is created on one type of operating system is not supported on a different type of operating system. On each operating system, you must run the onpassword utility with the same text file and encryption key.