Encrypting the shared secret on a sensor

Values exist in the OpenText ScanCentral SAST sensor configuration file as plain text. You can encrypt the worker_auth_token property value.

To encrypt a shared secret on a sensor:

  1. At the command prompt, run the following command:

    <sast_install_dir>/bin/pwtool <pwtool_keys_file>

  2. When prompted, type the password to encode, and then press Enter.

    For the sake of security, make sure that the pwtool key file you use to encrypt secrets for sensors is different from the pwtool key file you use to encrypt secrets on the Controller.

    The pwtool generates a new pwtool.keys file to <pwtool_keys_file> and prints a new encrypted secret to the console.

  3. Open the worker.properties file in a text editor and update the values for the following properties:

    1. Copy the encrypted secret and paste it as the value for worker_auth_token property.

    2. Add the name of your pwtool keys file:

      pwtool_keys_file=<pwtool_keys_file>

  4. Save and close the worker.properties file.

See also

Installing Sensors