Netezza Encrypt Password with nzpassword Command Utility

  • Post author:
  • Post last modified:February 28, 2018
  • Post category:Netezza
  • Reading time:3 mins read

Database user accounts must be authenticated during access requests to the IBM Netezza database. You can secure the password by using Netezza encrypt password facility.

netezza encrypt password

Local authentication requires a password for every account which connects to the Netezza server. You must enter the clear text password, when you use Netezza CLI commands. You can set the environment variable NZ_PASSWORD to avoid the type of password every time but this variable also stores the clear text password.

Read:

[nz@netezza]$ env | grep NZ
NZ_PASSWORD=password
NZ_USER=username
NZ_DATABASE=TRAINING

This will allows nzsql to login directly using above mentioned parameters.

[nz@netezza]$ nzsql
Welcome to nzsql, the Netezza SQL interactive terminal.

Type: h for help with SQL commands
? for help on internal slash commands
g or terminate with semicolon to execute query
q to quit

nzpassword Command

To avoid displaying password on command line, in scripts or in environment variables, you can use nzpassword to create locally stored encrypted password. Netezza encrypt password is one of the important feature provided by Netezza.

Syntax and Usage:

nzpassword add -u user -pw password -host hostname

Now you should be able to login to Netezza database without setting up NZ_PASSWORD environmental variables.

[nz@netezza]$ unset NZ_PASSWORD
[nz@netezza]$ env | grep NZ
NZ_USER=username
NZ_DATABASE=TRAINING

The password information is extracted from the nzpassword variable.

[nz@netezza]$ nzsql
Welcome to nzsql, the Netezza SQL interactive terminal.

Type: h for help with SQL commands
? for help on internal slash commands
g or terminate with semicolon to execute query
q to quit

Below is the output of nzpassword command:

[nz@netezza hgfs]$ nzpassword
Host User
——- —–
Netezza admin

You can add as many as user to this utility. The database name and username has to be specified as the first and second argument passed to nzsql in this case.

Display cached password

You can check the cached password using “nzpassword show” command

[nz@netezza hgfs]$ nzpassword show

Delete user from nzpassword

You can delete the users from the utility. For example, remove user from nzpassword utility:

[nz@netezza]$ nzpassword delete -u user
[nz@netezza]$ nzpassword
Host User
——- —–
netezza admin

The nzpassword utility is one of the best utility to encrypt user’s password.