Link Search Menu Expand Document
Start for Free

stardog-admin encryption set-password

Description

Set a user managed password for encryption.

Usage

stardog-admin [ --krb5 ] [ --krb5-disable-rdns ] [ --server <server url> ] encryption set-password [ {-E | --enc-password} <password> ] [ {-p | --passwd} <password> ] [ {-P | --ask-password} ] [ --run-as <username> ] [ {-u | --username} <username> ] [ {-v | --verbose} ]

Options

Name, shorthand Description
-E <password>, --enc-password <password> The password to use for encrypting the keys that will be used for encryption.
--krb5 Use the Kerberos environment.
--krb5-disable-rdns Disable reverse DNS lookup for Kerberos clients.
-p <password>, --passwd <password> Password.
-P, --ask-password Prompt for password.
--run-as <username> User to impersonate when running the command
--server <server url> URL of Stardog Server. If this option isn’t specified, it will be read from JVM argument ‘stardog.default.cli.server’. If the JVM arg isn’t set, the default value ‘http://localhost:5820’ is used. If server URL has no explicit port value, the default port value ‘5820’ is used. Example: ‘stardog-admin –server http://12.34.56.78:5820 server stop’
-u <username>, --username <username> User name.
-v, --verbose Flag that can cause more detailed information to be printed such as errors and status. Exact output depends upon the command and options used.

Discussion

When using Stardog to encrypt data at rest it is recommended that the admin manage a password that must be used to unlock the encrypted data. Stardog will not store this password nor maintain the ability to reset it, it is a secret only known to the administrator of the server. This command will set that password.

Once set it must be provided to Stardog when the server is started.

Note that data encryption will not occur until Stardog has been told to create a new key. See the new-key command.

Examples

Set a user managed password for encryption:

$ stardog-admin encryption set-password -E <password>