sbcipher

StreamBase — enciphers text or generates cipher keys for use in StreamBase Server configuration files

SYNOPSIS

sbcipher [[-Jjvm-option]] {[-k pathToPrivateKeyFile]} {[-p] || [-c "clear text to encipher"]}

sbcipher [[-Jjvm-option]] {[-h] || [-v]}

sbcipher [[-Jjvm-option]] {-g pathToKeyFiles} {-s KeySize}

DESCRIPTION

Can be used to encipher passwords, URIs that contain passwords, and other parameter text values in the <data-sources> and <operator-parameters> sections of the StreamBase Server configuration file. Three elements of the configuration file accept the enciphered="true" attribute: <param> and <uri> in the <data-sources> section, and <operator-parameter>.

In StreamBase Studio, open a StreamBase command prompt and issue the sbcipher command. Copy the terminal output and paste it in the relevant element of a configuration file.

A common key pair is embedded in clear text in the sbcipher command and in StreamBase Server. By default, sbcipher -c and sbcipher -p use the private key of that embedded common key pair. Specify -k with -c to designate a separate private key generated in advance with -g.

sbcipher -g can be optionally used to create unique client-server key pairs that can be subsequently used by the sbcipher command and supplied to StreamBase Server by means of the streambase.security.key-file Java property.

OPTIONS

-c "clear text to encipher", --cipher "clear text to encipher"

Enciphers the argument, and prints the results on stdout. To prevent the input text from being recorded in the session history, use -p instead of -c.

-p , --prompt

Prompts for plain text to encipher and prints the results on stdout. A more secure alternative to -c. Do not enter text as a command argument. You can also pipe the plain text from stdin.

-g pathToKeyFiles, --generate pathToKeyFiles

Generates a client-server key pair and writes the files to the path specified, using the basename of the last element of the path as the basename of the keys. The client key is generated with the name basename.sbcipher, while the server key is generated as basename.server.

-h, --help

Displays usage information, then exits.

-Jjvm-option

Specifies a system property setting or other JVM argument to be passed to the JVM running the enciphering process. Use this option to specify temporary settings that affect only the current invocation of sbcipher. You must specify multiple -J options to specify multiple JVM arguments.

There must be no space after the -J. For example, specify -J-Xmx2G. Use the full option syntax for jvm-option that you would use at the Java command line, including the initial hyphen. For example, specify -J-Dstreambase.log-level=2 to increase the log level for this invocation of sbcipher.

Your jvm-option argument might require surrounding quotes, depending on the characters it contains and the shell you are using. However, do not use quotes to escape the spaces between separate JVM arguments; instead use separate -J options. For example: -J-Xms512M -J-Xmx2G

-k pathToPrivateKeyFile, --key pathToPrivateKeyFile

Specify a basename.server file generated with -g as the private key to use when enciphering a string with -c.

-s KeySize, --size KeySize

Specifies the desired bit size for the keys generated with -g. Valid values for KeySize are 512, 1024, 2048, and 4096.

-v, --version

Displays the version of the command.

SEE ALSO

Enciphering Passwords and Parameter Values
StreamBase Server Configuration File XML Reference