Community
Participate
Working Groups
Build Identifier: 3.6.2.r362_v20110210-9gF78Gs1FrIGnHDHWkEcopoN8AmxeZflGDGKQi Build id: M20110210-1200 Passwords for agent controllers are stored on the workbench in Eclipse Secure Storage file /root/.eclipse/org.eclipse.equinox.security/secure_storage [root@vhost0249 org.eclipse.equinox.security]# ll total 4 -rw-r--r-- 1 root root 2156 Mar 8 02:28 secure_storage Passwords inside the file are encrypted using JAVA encryption PBEWithMD5AndDES PBEWithMD5AndDES is a password-based algorithm that uses the DES algorithm internally. The short (56-bit) key length makes this algorithm weak. If greater security is needed, use both a stronger algorithm and a longer password. Recommend the use of PBEWithMD5AndTripleDES or AES algorithms. Currently, there exist three Approved encryption algorithms (FIPS compliant) : AES, Triple DES, and Skipjack. http://csrc.nist.gov/groups/ST/toolkit/block_ciphers.html#Approved%20Algorithms Reproducible: Always
The support for encryption algorithms differs from VM to VM. The PBEWithMD5AndDES was selected as being both widely available and "good enough". The default algorithm can be changed using preference page General -> Security -> Secure Storage | Advanced. On some VMs Triple DES will be available in that dropdown. Note that the change will only apply to the "new" secure storages and will not affect already created secure storage.
