To secure your client message store, you can:
Change the default passwords.
Encrypt the contents of the message store.
First, create a SQL Anywhere database with an encryption key:
dbinit mystore.db -i -s -ek some_phrase |
The -i and -s options are optimal for small devices. The -ek option specifies the encryption key for strong encryption. See Initialization utility (dbinit).
Next, initialize the database as a client message store:
qaagent -id mystore -si -c "dbf=mystore.db;dbkey=some_phrase" |
Next, create a new remote user with DBA authority, and a password for this user. Revoke the default QAnywhere user and change the password of the default DBA user. Log in as user DBA with password sql and execute the following SQL statements:
CREATE USER secure_user IDENTIFIED BY secure_password GRANT MEMBERSHIP IN GROUP ml_qa_user_group TO secure_user GRANT REMOTE DBA TO secure_user REVOKE CONNECT FROM ml_qa_user ALTER USER DBA IDENTIFIED BY new_dba_password COMMIT |
All QAnywhere users must belong to ml_qa_user_group and have remote DBA authority.
Next, start the QAnywhere Agent with the secure DBA user:
qaagent -id mystore -c "dbf=mystore.db;dbkey=some_phrase;uid=secure_user;pwd=secure_password" |
Manage client message store passwords
Encrypting the client message store
Discuss this page in DocCommentXchange. Send feedback about this page using email. |
Copyright © 2009, iAnywhere Solutions, Inc. - SQL Anywhere 11.0.1 |