Table of Contents |
---|
| outlinh1. true |
---|
| outlinh1. true |
---|
1 | printablefalse |
---|
2 | stylh1. none |
---|
3 | indent20px |
---|
|
JADE Credential Store
See more information about the Credential Store in
Set-up KeePassX DB as Credential Store
Download KeePassX and create kdb file
- JADE Credential Store (CS) supports KeePassX DB version 1.0
- One can download the KeePassX desktop utility from https://www.keepassx.org/downloads/
Set-up Credential Store with Password
Step 1: Setup KeePassX DB
- Open the KeePassX utility
- Choose password as Master Key
- Assign password to KeePass DB and click OK
JADE will use the Master Key, i.e. password specified during the creation process as access password of the KeePassX database.
Set-up Credential Store with PPK key
- Start KeePassX utility
- Click on Key File as Master Key
- Browse for pre-generated SSH key as Master Key
- Click ok and KeePassX will open and will be ready to add new entries.
Create Credential Store entries
Create Credential Store entry for FTP server
KeePassX DB can organize entries in logical groups, under groups and sub-groups.
One can organize Credential Store in groups, e.g. Internal-Server, External-Server etc. User is free to choose his own organization scheme.
- Create new top group i.e.
sos
- Create new sub group i.e.
server
- Create new entry
wilma.sos
for settings- Title : Will be used as key in the hierarchy to access the credentials.
- Username : Field is used to specify the username, i.e. FTP, SFTP user name
- Password : Field is used to specify the password, user can use the KeePassX's password generation feature to specify strong passwords or can provide existing password.
- Comment : Can contain extra parameters for JADE along with credentials, any JADE parameter can be specified in the comment section.
- Expires : Expiry date is used to enforce a password and SSH key expiration policy. The user can define the expirarion period, e.g. 90 days, or check option
never
. JADE will raise an error if a KeePassX DB entry is expired. - Attachment : Can contain private key file used for file transfer
Create Credential Store entry for SFTP server
JADE profiles with Credential Store
Set-up global Credential Store profile
Define a global profile containing all the parameters concerning Credential Store. JADE can reuse any profile defined in same jade_settings.ini file.
It's recommended to create profile fragments and reuse them in profiles.
Alternatively a user can define multiple KeePassX DB files, e.g. Test, Integration, Production, and create corresponding profiles for the different environments.
Set-up global Credential Store profile with password
Code Block |
---|
; Global Profile for KeePassX Database WithPassword
[Keepass_DataBase_WithPassword]
use_credential_Store = true
CredentialStore_FileName = C:\sos-berlin.com\jade\credential-store\keepassX-test.kdb
CredentialStoreAuthenticationMethod = password
CredentialStore_password = *********
|
Set-up global Credential Store profile with public key
Code Block |
---|
; Global Profile for KeePassX Database With Public Key
[Keepass_DataBase_WithPublicKey]
use_credential_Store = true
CredentialStore_FileName = C:\sos-berlin.com\jade\credential-store\keepassX-test.kdb
CredentialStoreAuthenticationMethod = privatekey
CredentialStore_KeyFileName = C:\sos-berlin.com\jade\config\jade_cs_rsa.ppk
|
Set-up JADE profile for FTP
In this example we are including Credential Store settings from a global KeePassX database profile Keepass_DataBase_WithPassword .
JADE then will open the KeePassX DB and refer to the entry sos/server/wilma.sos that has previously been defined in the KeePassX DB:
...
Code Block |
---|
[ReceiveUsingKeePass]
source_include = Keepass_DataBase_WithPassword
source_CredentialStore_KeyPath = sos/server/wilma.sos
source_dir = /tmp/test/jade/out
source_make_dirs = true
source_transfer_mode = ascii
target_protocol = local
target_dir = ${TEMP}/jade/in
operation = copy
file_spec = \.txt$
transfer_mode = ascii
|
Set-up JADE profile for SFTP
Code Block |
---|
[ReceiveUsingKeePass]
source_CredentialStore_KeyPath = sos/server/8of9.sos
source_include = Keepass_DataBase_WithPassword
source_dir = /tmp/test/jade/out
source_make_Dirs = true
source_transfer_mode = ascii
target_protocol = local
target_dir = ${TEMP}/jade/in
operation = copy
file_spec = \.txt$
transfer_mode = ascii
|
Example for Server-to-Server File Transfer profile using Credential Store
A profile definition for Server-to-Server File Transfer, from an FTP to na SFTP server:
...
Code Block |
---|
|
jade.sh -settings=name_of_settings_file -profile=transfer_server_2_server
|
Profile fragments SFTP with Public Key
To make the profile reusable and more readable it is possible to reuse profiles snippets in the way like this:
Profile fragments SFTP with Public Key
To make the profile reusable and more readable it is possible to reuse profiles snippets in the way like this:
See also
...