问题
Does Microsoft or Windows provide a mechanism for access to a set of credentials, where I can't just store a salted version of the password; namely I need to have the password itself.
I have a webservice that responds to requests where if the user is authenticated and belongs to a distribution list, a job needs to start on a unix machine using a unix account. I'm using the fantastic ssh.net library to remote from the web service to the linux machine and start the required process but up to this point, I am storing the unix account password in the config file, in plain text (yikes)
What are my options here? I was thinking I could encrypt and decrypt the password, but the key would also be stored in the config file, so there is not much point.
Does windows have a key vault that can be accessed by a service account with proper rights? Are there other ways to authenticate against Linux that doesn't require a password?
回答1:
You can encrypt config sections of your configuration file. Check out this article:
http://msdn.microsoft.com/en-us/library/vstudio/zhhddkxy(v=vs.100).aspx
or this one
http://weblogs.asp.net/jongalloway/encrypting-passwords-in-a-net-app-config-file
or this one
http://www.codeproject.com/Articles/20398/Encrypt-and-Decrypt-ConnectionString-in-app-config
来源:https://stackoverflow.com/questions/24642621/safely-storing-credentials-when-i-need-to-retrieve-the-password-for-use