search

Teradata / PyTd

A Python Module to make it easy to script powerful interactions with Teradata Database in a DevOps friendly way.
MIT License
108 stars 43 forks source link

How to Login TD Session with Encrypted PAssword?? #63

Closed pGit1 closed 7 years ago

pGit1 commented 7 years ago

If I need to share a script with someone that logs in via session = udaExec.connect(... Authentication="LDAP") how do I do this without revealing my password?

escheie commented 7 years ago

The script does not need to have the password hard coded in it. The password can be provided in an external configuration file or via Teradata Wallet if using ODBC as the connect method.

pGit1 commented 7 years ago

Any example code on how to do this? I am definitely using a hard coded method right now.

On Tue, Jan 3, 2017 at 6:02 PM, Eric Scheie notifications@github.com wrote:

The script does not need to have the password hard coded in it. The password can be provided in an external configuration file or via Teradata Wallet if using ODBC as the connect method.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Teradata/PyTd/issues/63#issuecomment-270250743, or mute the thread https://github.com/notifications/unsubscribe-auth/ANU-SoAbwuo2psVw65gDbUmOcEMvQz07ks5rOtOLgaJpZM4LaGh7 .

escheie commented 7 years ago

First add your password to Teradata Wallet (e.g. we will call our password "password_example"):

tdwallet add password_example

Then reference the password stored in tdwallet in the script:

session = udaExec.connect(method="odbc", ..., password="$$tdwallet(password_example)");

pGit1 commented 7 years ago

@escheie thanks for your help but I don't think I am filling in the blanks here.

  1. What is "tdwallet"? I have no module that I can import that is called tdwallet.
  2. Even in the example you give above

session = udaExec.connect(method="odbc", ..., password="$$tdwallet(password_example)");

"password_example" is still in the connection string. Sorry I have to reopen this. It is critical.

Can you please provide a more detailed example of how to do this?

escheie commented 7 years ago

tdwallet is a command line tool that acts as a password vault for Teradata Tools and Utilities . If you Google for Teradata Wallet, it should provide additional details if you need to install it. The password will not be contained in the script but will be looked up from the local wallet where the script is executed.

pGit1 commented 7 years ago

Ok thanks!

On Fri, Jan 6, 2017 at 11:21 AM, Eric Scheie notifications@github.com wrote:

tdwallet is a command line tool that acts as a password vault for Teradata Tools and Utilities . If you Google for Teradata Wallet, it should provide additional details if you need to install it. The password will not be contained in the script but will be looked up from the local wallet where the script is executed.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Teradata/PyTd/issues/63#issuecomment-270940329, or mute the thread https://github.com/notifications/unsubscribe-auth/ANU-SoXbkfgh_aOE7unCEo_llDJO8Cieks5rPmoTgaJpZM4LaGh7 .