Generate a shadow string for a password.
Synopsis
gpsscli shadow [--config <gpss.json>]
gpsscli shadow {-h | --help}
Description
The gpsscli shadow command generates a shadowed password string for the password that you input. You may generate a shadow password for the VMware Tanzu Greenplum user password, or for the password that a GPSS server instance uses to authenticate a client.
If you generate a Greenplum user shadow password, you provide the output generated by the command in the PASSWORD: property setting of your gpsscli.yaml load configuration file.
NoteGPSS supports shadowing the Greenplum user password only on load jobs that you submit and manage with the
gpssclisubcommands. GPSS does not support shadowed passwords on load jobs that you submit withgpkafka load.
If you generate a shadow password for GPSS client to server authentication, you provide the output generated by the command in the Authentication:Password: property setting of the gpss.json GPSS server configuration file.
GPSS uses the Shadow:Key property value specified in the --config gpss.json file, or the default key, to encode the password that you enter, and then generates and outputs the shadow password string.
gpsscli shadow generates a shadow password string of the following format:
"SHADOW:<shadow_password_string>"
Options
- --config gpss.json
-
The GPSS server configuration file. When the file includes a
Shadow:Keysetting, GPSS uses the key to encode the password input. - -h | --help
- Show command utility help, and then exit.
Examples
Generate a shadowed password string using the default key:
$ gpsscli shadow
please input your password
changemeCHANGEMEchangeme
"SHADOW:OH7TIH3676NIA4GQNNN3NTIEJGMGY7R2UE2A4GYUV2ED5AESDHWA"
Generate, without the user prompt, a shadowed password string using the key specified in the file named gpss.json located in the current working directory:
$ echo changemeCHANGEMEchangeme | gpsscli shadow --config gpss.json | tail -1
"SHADOW:ERTBKXDWLAJHUF5UOGJY34QTXIBNYP4ULTWVHIUZIF4UYFPRIJVA"
See Also
