|
To secure your client message store, you can:
Change the default passwords.
Encrypt the contents of the message store.
First, create a SQL Anywhere database with an encryption key:
dbinit mystore.db -i -s -ek some_phrase
The -i and -s options are optimal for small devices. The -ek option specifies the encryption key for strong encryption. See Initialization utility (dbinit).
Next, initialize the database as a client message store:
qaagent -id mystore -si -c "dbf=mystore.db;dbkey=some_phrase"
Next, create a new remote user with DBA authority, and a password for this user. Revoke the default QAnywhere user and change the password of the default DBA user. Log in as user DBA with password SQL and execute the following SQL statements:
GRANT CONNECT TO secure_user IDENTIFIED BY secure_password GRANT MEMBERSHIP IN GROUP ml_qa_user_group TO secure_user GRANT REMOTE dba TO secure_user REVOKE CONNECT FROM ml_qa_user GRANT CONNECT TO dba IDENTIFIED BY new_dba_password COMMIT
NoteAll QAnywhere users must belong to ml_qa_user_group and have remote DBA authority. |
Next, start the QAnywhere Agent with the secure DBA user:
qaagent -id mystore -c "dbf=mystore.db;dbkey=some_phrase;uid=secure_user;pwd=secure_password"
Manage client message store passwords
Encrypting the client message store