This is the command msencrypt that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
msencrypt - create an encryption key or encrypt portions of connection strings for use in
mapfiles
SYNOPSIS
msencrypt [-keygen file | -key file string]
DESCRIPTION
msencrypt can create an encryption key or encrypt portions of connection strings for use
in mapfiles. Typically you might want to encrypt portions of the CONNECTION parameter for
a database connection. The following CONNECTIONTYPEs are supported for using this
encryption method:
· OGR
· Oracle Spatial
· PostGIS
· SDE
OPTIONS
-keygen file
Creates a new encryption key in file.
-key file string
Use the key in file to encrypt string.
NOTES
Use in Mapfile.
The location of the encryption key can be specified by two mechanisms, either by setting
the environment variable MS_ENCRYPTION_KEY or using a CONFIG directive in the MAP object
of your mapfile. For example:
CONFIG MS_ENCRYPTION_KEY "/path/to/mykey.txt"
Use the { and } characters as delimiters for encrypted strings inside database CONNECTIONs
in your mapfile. For example:
CONNECTIONTYPE ORACLESPATIAL
CONNECTION "user/{MIIBugIBAAKBgQCP0Yj+Seh8==}@service"
EXAMPLE
LAYER
NAME "provinces"
TYPE POLYGON
CONNECTIONTYPE POSTGIS
CONNECTION "host=127.0.0.1 dbname=gmap user=postgres password=iluvyou18 port=5432"
DATA "the_geom FROM province using SRID=42304"
STATUS DEFAULT
CLASS
NAME "Countries"
COLOR 255 0 0
END
END
Here are the steps to encrypt the password in the above connection:
1. Generate an encryption key (note that this key should not be stored anywhere within
your web server's accessible directories):
msencrypt -keygen "/home/user/mykey.txt"
And this generated key file might contain something like:
2137FEFDB5611448738D9FBB1DC59055
2. Encrypt the connection's password using that generated key:
msencrypt -key "/home/user/mykey.txt" "iluvyou18"
Which returns the password encrypted, at the commandline (you'll use it in a second):
3656026A23DBAFC04C402EDFAB7CE714
3. Edit the mapfile to make sure the 'mykey.txt' can be found, using the
"MS_ENCRYPTION_KEY" environment variable. The CONFIG parameter inside the MAP object
can be used to set an environment variable inside a mapfile:
MAP
...
CONFIG "MS_ENCRYPTION_KEY" "/home/user/mykey.txt"
...
END #mapfile
4. Modify the layer's CONNECTION to use the generated password key, making sure to use
the "{}" brackets around the key:
CONNECTION "host=127.0.0.1 dbname=gmap user=postgres
password={3656026A23DBAFC04C402EDFAB7CE714} port=5432"
5. Done! Give your new encrypted mapfile a try with the shp2img(1) utility!
13 March 2016 msencrypt(1)
Use msencrypt online using onworks.net services