[Koha-bugs] [Bug 30649] Vendor EDI account passwords should be encrypted in the database
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Nov 10 01:22:06 CET 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30649
--- Comment #26 from David Cook <dcook at prosentient.com.au> ---
(In reply to Katrin Fischer from comment #25)
> (In reply to David Cook from comment #24)
> > (In reply to Katrin Fischer from comment #23)
> > > It might also hinder a a quick desaster recovery to a different server? At
> > > least something more to think about for backups etc.
> >
> > With the encryption key in koha-conf.xml, they wouldn't be able to decrypt
> > the encrypted passwords in the database either.
>
> True, so something to keep in mind then for the sysadmins?
Yeah, I mean there's other bits of config that this happens for too. I use the
"OAI-PMH:ConfFile" syspref, and if you just restore the database dump without
including the server-side file, it'll break the OAI.
So sysadmins really need to keep in mind that the database and server-side
config need to be restored together.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list