Change the syb_extpasswdkey using:
alter encryption key syb_extpasswdkey
[ with { static key | master key} ]
{ regenerate key [ with { static key | master key } ]
| modify encryption [ with { static key | master key } ] }
where:
The first instance of with {static key | master key} is optional and represents how the syb_extpasswdkey is currently encrypted.
The second instance of with {static key | master key} allows the administrator to change the encryption on the regenerated key from static to dynamic, or vice versa. If you omit this parameter, the regenerated key remains encrypted as it was before issuing this command.
The third instance of with {static key | master key} changes the protection on the existing key to use the static key or the master key as specified. If you omit this parameter, by default, the static key is used.
Regenerating syb_extpasswdkey is a single transaction that:
Creates a new service key for the external login passwords.
Reencrypts the passwords in sysattributes using the new key.
Drops the old key.
For example:
Create a service key for external login passwords and encrypt all external login passwords with the service key protected by the static key:
create encryption key syb_extpasswdkey
Regenerate the service key for external login passwords, leaving the new service key protected by the static key and reencrypting all external passwords encrypted by the old service key:
alter encryption key syb_extpasswdkey regenerate key
Change the protection of the service key to be encrypted by the master key. The service key does not change, and external login passwords are not reencrypted:
alter encryption key syb_extpasswdkey modify encryption with master key
Before issuing this command, ensure that the master
key password has already been entered by the master key owner.
