private_key results from the CPAN

private_key
App-Sqitch
view release on metacpan or search on metacpan
lib/sqitch-authentication.pod view on Meta::CPAN

=over

=item PostgreSQL

PostgreSQL supports a number of
L<authentication methods|https://www.postgresql.org/docs/current/static/auth-methods.html>,
including the passwordless L<SSL certificate|https://www.postgresql.org/docs/current/static/auth-methods.html#AUTH-CERT>, L<GSSAPI|https://www.postgresql.org/docs/current/static/auth-methods.html#GSSAPI-AUTH>, and, for local connections,
L<peer authentication|https://www.postgresql.org/docs/current/static/auth-methods.html#AUTH-PEER>.

=item MySQL

MySQL supports a number of
L<authentication methods|https://dev.mysql.com/doc/internals/en/authentication-method.html>,
plus L<SSL authentication|https://dev.mysql.com/doc/internals/en/ssl.html>.

=item Oracle

Oracle supports a number of
L<authentication methods|https://docs.oracle.com/cd/B19306_01/network.102/b14266/authmeth.htm#BABCGGEB>,
including
L<SSL authentication|https://docs.oracle.com/cd/B19306_01/network.102/b14266/authmeth.htm#i1009722>,
L<third-party authentication|https://docs.oracle.com/cd/B19306_01/network.102/b14266/authmeth.htm#i1009853>,
and, for local connections,
L<OS authentication|https://docs.oracle.com/cd/B19306_01/network.102/b14266/authmeth.htm#i1007520>.

=item Vertica

Vertica supports a number of
L<authentication methods|https://my.vertica.com/docs/7.1.x/HTML/index.htm#Authoring/AdministratorsGuide/Security/ClientAuth/SupportedClientAuthenticationMethods.htm>
including the passwordless L<TLS authentication|https://my.vertica.com/docs/7.1.x/HTML/index.htm#Authoring/AdministratorsGuide/Security/ClientAuth/ConfiguringTLSAuthentication.htm>,
L<GSS authentication|https://my.vertica.com/docs/7.1.x/HTML/index.htm#Authoring/AdministratorsGuide/Security/ClientAuth/Kerberos/ImplementingKerberosAuthentication.htm>,
and, for local connections,
L<ident authentication|https://my.vertica.com/docs/7.1.x/HTML/index.htm#Authoring/AdministratorsGuide/Security/ClientAuth/ConfiguringIdentAuthentication.htm>.

=item Firebird

Firebird supports passwordless authentication only via
L<trusted authentication|https://www.firebirdsql.org/manual/qsg2-config.html>
for local connections.

=item Exasol

Exasol doesn't seem to support password-less authentication at this time,
though there is support for
L<Authentication using OpenID|https://docs.exasol.com/sql/create_user.htm#Authenti4>.
To use it with Sqitch, include C<AUTHMETHOD=refreshtoken> in the target URI
query string, e.g.,

  db:exasol://sys:exasol@localhost:8563/?Driver=Exasol&AUTHMETHOD=refreshtoken

=item Snowflake

Snowflake does not support password-less authentication, but does support
key-pair authentication. Follow
L<the instructions|https://docs.snowflake.com/en/user-guide/snowsql-start.html#using-key-pair-authentication>
to create a key pair, then set the following variables in the F<~/.snowsql/config>
file:

  authenticator = SNOWFLAKE_JWT
  private_key_path = "path/to/privatekey.p8"

To connect, set the C<$SNOWSQL_PRIVATE_KEY_PASSPHRASE> environment variable to
the passphrase for the private key, and add these parameters to the query part
of your connection URI:

=over

=item * C<authenticator=SNOWFLAKE_JWT>

=item * C<uid=$username>

=item * C<priv_key_file=path/to/privatekey.p8>

=item * C<priv_key_file_pwd=$private_key_password>

=back

For example:

  db:snowflake://movera@example.snowflakecomputing.com/flipr?Driver=Snowflake;warehouse=sqitch;authenticator=SNOWFLAKE_JWT;uid=movera;priv_key_file=path/to/privatekey.p8;priv_key_file_pwd=s0up3rs3cre7

=back

=head2 Use a Password File

If you must use password authentication with your database server, you may be
able to use a protected password file. This is file with access limited only
to the current user that the server client library can read in. As such, the
format is specified by the database vendor, and not all database servers offer
the feature. Here's how the database engines supported by Sqitch shake out:

=over

=item PostgreSQL, YugabyteDB, CockroachDB

PostgreSQL, YugabyteDB, and CockroachDB will use a
L<F<.pgpass> file|https://www.postgresql.org/docs/current/static/libpq-pgpass.html> in the
user's home directory to or referenced by the C<$PGPASSFILE> environment
variable. This file must limit access only to the current user (C<0600>) and
contains lines specify authentication rules as follows:

  hostname:port:database:username:password

=item MySQL

For MySQL, if the L<MySQL::Config> module is installed, usernames and
passwords can be specified in the
L<F</etc/my.cnf> and F<~/.my.cnf> files|https://dev.mysql.com/doc/refman/5.7/en/password-security-user.html>.
These files must limit access only to the current user (C<0600>). Sqitch will
look for a username and password under the C<[client]> and C<[mysql]>
sections, in that order.

=item Oracle

Oracle supports
L<password file|https://docs.oracle.com/cd/B28359_01/server.111/b28310/dba007.htm#ADMIN10241>
created with the C<ORAPWD> utility to authenticate C<SYSDBA> and C<SYSOPER>
users, but B<Sqitch is unable to take advantage of this functionality.> Neither can
one L<embed a username and password|https://stackoverflow.com/q/7183513/79202>
into a
L<F<tnsnames.ora>|https://docs.oracle.com/cd/B28359_01/network.111/b28317/tnsnames.htm#NETRF007>
file.

=item Vertica

Vertica does not currently support a password file.

=item Firebird

Firebird does not currently support a password file.

=item Exasol

Exasol allows configuring connection profiles for the 'exaplus' client:
view all matches for this distribution
view release on metacpan - search on metacpan
( run in 0.841 second using v1.00-cache-2.02-grep-82fe00e-cpan-dad7e4baca0 )