[Info-ingres] encryption of passwords in transit

Martin Bowes martin.bowes at ndph.ox.ac.uk
Tue Oct 24 08:29:21 UTC 2017 

Out of curiosity and because I have no easy way of telling what the level is...

If we set our server to have aes 256 and the client is aes 128, Will they negotiate the higher setting, the lower setting or just refuse to talk?

Marty

From: Gordon Thorpe [mailto:Gordon.Thorpe at actian.com]
Sent: 19 October 2017 17:21
To: Alex Hanshaw; Martin Bowes; info-ingres at lists.planetingres.org
Cc: David Thole; Bruce Lunsford
Subject: RE: [Info-ingres] encryption of passwords in transit

If AES encryption is enabled in both client and server, it will be used to encrypt the password.  Otherwise, the original Ingres/Net DES encryption will be used.

From: Alex Hanshaw
Sent: Thursday, October 19, 2017 3:51 AM
To: Martin Bowes <martin.bowes at ndph.ox.ac.uk<mailto:martin.bowes at ndph.ox.ac.uk>>; info-ingres at lists.planetingres.org<mailto:info-ingres at lists.planetingres.org>
Cc: David Thole <Dave.Thole at actian.com<mailto:Dave.Thole at actian.com>>; Gordon Thorpe <Gordon.Thorpe at actian.com<mailto:Gordon.Thorpe at actian.com>>; Bruce Lunsford <Bruce.Lunsford at actian.com<mailto:Bruce.Lunsford at actian.com>>
Subject: RE: [Info-ingres] encryption of passwords in transit

Hi Marty

I'm pretty sure the secure communications sections in the documentation apply in this instance. AES and RSA are used. I've cc'd the Connectivity guys to confirm or comment further.

Alex

http://docs.actian.com/ingres/11.0/index.html#page/Upgrade/Secure_Communications_Encryption_with_AES.htm
http://docs.actian.com/ingres/11.0/index.html#page/Security%2F10._Using_Secure_Communications_Encryption_with.htm%23
http://docs.actian.com/ingres/11.0/index.html#page/Security%2FConfigure_AES_Encryption.htm%23



From: info-ingres-bounces at lists.planetingres.org<mailto:info-ingres-bounces at lists.planetingres.org> [mailto:info-ingres-bounces at lists.planetingres.org] On Behalf Of Martin Bowes
Sent: 19 October 2017 10:51
To: info-ingres at lists.planetingres.org<mailto:info-ingres at lists.planetingres.org>
Subject: [Info-ingres] encryption of passwords in transit

Hi All,

My boss wants to know exactly what encryption is done on the passwords in vnodes during transit. I can't find anything in the manual other than a vague statement about block level encryption, which I think just means it gets cut into bits and rearranged to some pattern.

Can anyone shed some light on this?

Is the level of encryption controllable?

Martin Bowes
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.planetingres.org/pipermail/info-ingres/attachments/20171024/5f803e9d/attachment.html>

More information about the Info-ingres mailing list