
Article series on the new features of gt-checksum v4.0.0 (5): DSN ciphertext protection – connection-string passwords no longer appear in plaintext – GreatSQL

In a database checksum and repair tool, the connection string is almost always one of the most sensitive configuration items. In the past, for convenience, many configuration files simply wrote the database password in plaintext.

Starting with gt-checksum v4.0.0, the passwords in srcDSN / dstDSN must use ENC[...] ciphertext, and a separate tool, gt-dsn-crypt, is added to generate a 32-byte base64 key and AES-256-GCM ciphertext. This turns connection-string password protection from a "recommendation" into a "hard constraint".


1. Feature overview

v4.0.0 adds connection-string password encryption. The core changes can be summarized in three points:

  • ENC[...] ciphertext format: srcDSN / dstDSN passwords must use ENC[...] ciphertext
  • gt-dsn-crypt tool: independently generates keys, encrypts passwords, and decrypts ciphertext for verification
  • Unified log desensitization: gt-checksum, repairDB, and connection-pool logs never output the plaintext password or the ciphertext

New tool: gt-dsn-crypt

gt-dsn-crypt provides three subcommands:

  • gen-key: generates a random 32-byte key and prints it in base64
  • encrypt: uses the key to encrypt a plaintext password into ENC[...] ciphertext
  • decrypt: uses the key to decrypt ENC[...]; used to verify that a ciphertext is correct

Typical usage:

# 1. Generate a 32-byte base64 key
KEY=$(gt-dsn-crypt gen-key)

# 2. Recommended: read the password from a file so the plaintext never enters shell history
printf '%s' '数据库密码' > ./password.txt

# 3. Generate the ENC[...] ciphertext
GT_CHECKSUM_DSN_KEY="$KEY" gt-dsn-crypt encrypt --password-file ./password.txt

# 4. Provide the same key when starting gt-checksum
GT_CHECKSUM_DSN_KEY="$KEY" gt-checksum -c ./gc.conf

The DSN in the configuration file then becomes:

srcDSN=mysql|user:ENC[v1:aes256gcm:default:...:...]@tcp(src-host:3306)/information_schema?charset=utf8mb4
dstDSN=mysql|user:ENC[v1:aes256gcm:default:...:...]@tcp(dst-host:3306)/information_schema?charset=utf8mb4

2. In-depth look at the feature and its usage scenarios

2.1 Why must DSN passwords be encrypted?

In production environments, the risk posed by plaintext database passwords is more common than people imagine:

Scenario 1: Configuration file leak

gc.conf is usually placed in an operations directory, a deployment directory, or an automation platform. Once directory permissions are misconfigured, the plaintext database password can be read by unauthorized users.

Scenario 2: Leak through logs and error reports

When tool startup fails, parameter validation fails, or connection-pool initialization fails, a DSN that is printed directly can carry the plaintext password into terminal logs, CI logs, work-order screenshots, or monitoring collection systems.

Scenario 3: Multi-person collaboration and auditing

Migration projects usually involve collaboration among several roles: DBAs, developers, operations staff, and testers. When the configuration file is passed around among several people, the plaintext password spreads into chat tools, e-mail, and documents, and becomes hard to trace or recall later.

Scenario 4: Temporary files and shell history remnants

Even after the final configuration file is deleted, the plaintext password can still remain in shell history, backup files, and editor swap files. After encryption, even if the ciphertext leaks, the password cannot be recovered directly without the key.

Therefore, v4.0.0 does not merely "recommend not writing plaintext passwords"; it validates at startup: if a DSN password is not ENC[...] ciphertext, the program fails fast and exits.

2.2 What is the ENC[...] ciphertext format?

v4.0.0 uses a single unified ciphertext format:

ENC[v1:aes256gcm:<kid>:<nonce_b64url>:<ciphertext_b64url>]

The fields have the following meaning:

  • v1: ciphertext format version
  • aes256gcm: encryption algorithm, AES-256-GCM
  • <kid>: key id, default value default; reserved for future key rotation
  • <nonce_b64url>: random nonce, encoded with URL-safe base64
  • <ciphertext_b64url>: ciphertext plus authentication tag, encoded with URL-safe base64

Example:

ENC[v1:aes256gcm:default:REPLACE_NONCE:REPLACE_CIPHERTEXT]

Note that only the password fragment is encrypted; connection settings such as host, port, database name, charset, and SSL parameters are not encrypted. For example:

# Before encryption (no longer supported from v4.0.0)
srcDSN=mysql|user:plain_password@tcp(src-host:3306)/information_schema?charset=utf8mb4

# After encryption
srcDSN=mysql|user:ENC[v1:aes256gcm:default:...:...]@tcp(src-host:3306)/information_schema?charset=utf8mb4

This design balances security and operability: the password is protected, while the connection target, database name, and parameters remain visible, which makes configuration problems easy to troubleshoot.

2.3 AES-256-GCM: confidentiality and integrity together

gt-dsn-crypt uses the AES-GCM implementation from the Go standard library:

// Needs crypto/aes, crypto/cipher and crypto/rand; shown inside a function that returns error.
block, err := aes.NewCipher(key) // key must be exactly 32 bytes for AES-256
if err != nil { return err }
gcm, err := cipher.NewGCM(block) // authenticated encryption: Seal appends the 16-byte tag
if err != nil { return err }
nonce := make([]byte, gcm.NonceSize()) // 12-byte nonce, fresh for every encryption
if _, err := rand.Read(nonce); err != nil { return err } // crypto/rand, not math/rand
ciphertext := gcm.Seal(nil, nonce, []byte(password), nil) // nil AAD: only the password is authenticated

A few important points:

  1. The key must be 32 bytes: this corresponds to AES-256.
  2. A random nonce is generated for every encryption: encrypting the same password twice with the same key yields two different ENC[...] ciphertexts.
  3. GCM carries its own authentication tag: on decryption it checks whether the ciphertext has been tampered with. If the key is wrong or the ciphertext was modified, a decryption failure is returned instead of a wrong password.

This means ENC[...] is not just an "obfuscated string" but a ciphertext format with authenticated encryption.
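As an added example (not the gt-dsn-crypt source; a hypothetical Go re-implementation, with the key id left unauthenticated as the nil-AAD snippet above implies), this encrypts a password into the ENC[v1:aes256gcm:...] token from section 2.2, enforces the 32-byte key rule, and shows the fail-fast decrypt path rejecting plaintext, a wrong key, and a tampered token:

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// newGCM decodes the base64 key and enforces the 32-byte AES-256 length (assumed error text).
func newGCM(keyB64 string) (cipher.AEAD, error) {
	key, err := base64.StdEncoding.DecodeString(keyB64)
	if err != nil || len(key) != 32 {
		return nil, errors.New("dsn encryption key must be base64 encoded 32 bytes")
	}
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// EncryptPassword seals the password under a fresh random nonce and renders
// ENC[v1:aes256gcm:<kid>:<nonce_b64url>:<ciphertext_b64url>]; Seal appends the GCM tag.
func EncryptPassword(keyB64, kid, password string) (string, error) {
	gcm, err := newGCM(keyB64)
	if err != nil { return "", err }
	nonce := make([]byte, gcm.NonceSize()) // 12 bytes, new for every call
	if _, err := rand.Read(nonce); err != nil { return "", err }
	ct := gcm.Seal(nil, nonce, []byte(password), nil)
	b := base64.RawURLEncoding // URL-safe, unpadded: no ':' or '@' inside the token
	return fmt.Sprintf("ENC[v1:aes256gcm:%s:%s:%s]", kid, b.EncodeToString(nonce), b.EncodeToString(ct)), nil
}

// DecryptPassword is the fail-fast side: plaintext, an unknown version, a bad nonce
// or a tampered ciphertext (GCM tag mismatch) all return an error, never a wrong password.
func DecryptPassword(keyB64, token string) (string, error) {
	if !strings.HasPrefix(token, "ENC[") || !strings.HasSuffix(token, "]") {
		return "", errors.New("dsn password must use ENC[...] ciphertext")
	}
	p := strings.Split(token[4:len(token)-1], ":")
	if len(p) != 5 || p[0] != "v1" || p[1] != "aes256gcm" {
		return "", errors.New("unsupported ENC[...] format or version")
	}
	gcm, err := newGCM(keyB64)
	if err != nil { return "", err }
	b := base64.RawURLEncoding
	nonce, errN := b.DecodeString(p[3])
	ct, errC := b.DecodeString(p[4])
	if errN != nil || errC != nil || len(nonce) != gcm.NonceSize() {
		return "", errors.New("malformed nonce or ciphertext")
	}
	pt, err := gcm.Open(nil, nonce, ct, nil) // tag check happens here
	if err != nil {
		return "", errors.New("ciphertext authentication failed: wrong key or tampered data")
	}
	return string(pt), nil
}
```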

2.4 Where does the key come from?

Key management in v4.0.0 follows two principles: there is no built-in default key, and the key is never read from the configuration file.

There are only two key sources:

  • --key (highest priority): command-line parameter; overrides the environment variable
  • GT_CHECKSUM_DSN_KEY (second priority): environment variable, read when --key is not specified

Example:

# Using the environment variable
GT_CHECKSUM_DSN_KEY="$KEY" gt-checksum -c ./gc.conf

# Using --key to override the environment variable
gt-checksum -c ./gc.conf --key "$KEY"

repairDB and gt-dsn-crypt use the same key mechanism:

# repairDB using the environment variable
GT_CHECKSUM_DSN_KEY="$KEY" repairDB -conf ./gc.conf ./fixsql

# repairDB using --key
repairDB -conf ./gc.conf --key "$KEY" ./fixsql

# gt-dsn-crypt encrypt using --key
gt-dsn-crypt encrypt --key "$KEY" --password-file ./password.txt

v4.0.0 does not support key files, nor does it support writing the key into gc.conf. This prevents the false sense of security of "the password is encrypted, but the decryption key sits next to the configuration file".

2.5 Fail fast at startup: plaintext passwords are rejected immediately

gt-checksum parses srcDSN / dstDSN as soon as it reads the configuration and calls the unified connection-string parsing logic, which requires the connection-string password to be ciphertext.

Therefore:

  • The password is ENC[...]: load the key and decrypt
  • The password is plaintext: report an error and exit immediately
  • The password is empty: report an error and exit immediately
  • The key is missing or its length is not 32 bytes: report an error and exit immediately
  • The ciphertext format is invalid, the version is unsupported, or authentication fails: report an error and exit immediately

This fail-fast design catches the risk during the task's startup phase and avoids discovering halfway through a verification or repair run that the connection string is unusable.

2.6 MySQL and Oracle DSN support

Connection-string encryption in v4.0.0 supports not only the MySQL family but also Oracle.

MySQL family:

srcDSN=mysql|user:ENC[v1:aes256gcm:default:...:...]@tcp(src-host:3306)/information_schema?charset=utf8mb4
dstDSN=mysql|user:ENC[v1:aes256gcm:default:...:...]@tcp(dst-host:3306)/information_schema?charset=utf8mb4

Percona Server, GreatSQL, MariaDB, and other MySQL-family data sources also use the mysql| driver prefix.

Oracle legacy DSN:

srcDSN=oracle|scott/ENC[v1:aes256gcm:default:...:...]@ora-host:1521/orclpdb1

Oracle godror key-value DSN:

srcDSN=oracle|user="scott" password="ENC[v1:aes256gcm:default:...:...]" connectString="ora-host:1521/orclpdb1"

In the Oracle legacy format, the decrypted password is escaped as a path fragment, so that / or other special characters cannot break the user/password@host structure; the key-value format keeps or completes the quoting, so that spaces and special characters do not cause parsing errors.

2.7 Unified log desensitization: keeping the ciphertext from becoming another leak

Encrypting the configuration file is not enough. If the decrypted DSN is printed to a log after the program starts, the risk remains.

v4.0.0 applies unified desensitization to the logs of gt-checksum, repairDB, and the MySQL/Oracle connection pools:

mysql|user:******@tcp(src-host:3306)/information_schema?charset=utf8mb4
oracle|scott/******@ora-host:1521/orclpdb1
oracle|user="scott" password="******" connectString="ora-host:1521/orclpdb1"

In other words, whether the original DSN contains a plaintext password, ENC[...] ciphertext, or the real password decrypted at runtime, it is replaced by ****** in the logs.
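Added example of this masking rule (not the project's own code; the regular expressions are assumptions): a Go function that rewrites the password position of each of the three DSN shapes shown above to ******, including a runtime-decrypted password that itself contains an @:

```go
package main

import (
	"regexp"
	"strings"
)

// Patterns for the three DSN shapes this article shows. Hypothetical re-implementation of the
// v4.0.0 log desensitization: it masks whatever sits in the password position, whether
// plaintext, ENC[...] ciphertext, or a password already decrypted at runtime.
var (
	// mysql|user:PASSWORD@tcp(host:port)/db?params  (greedy .* so an '@' inside the password is fine)
	mysqlDSN = regexp.MustCompile(`^(mysql\|[^:]*:).*(@tcp\(.*)$`)
	// oracle|user/PASSWORD@host:port/service  (legacy form; the tool escapes the password itself)
	oraLegacyDSN = regexp.MustCompile(`^(oracle\|[^/]*/).*(@[^@]*)$`)
	// oracle|user="..." password="PASSWORD" connectString="..."  (godror key-value form)
	oraKVDSN = regexp.MustCompile(`(password=)"[^"]*"`)
)

// MaskDSN replaces the password fragment with ****** and leaves host, port, database
// and parameters visible for troubleshooting, as the log samples above do.
func MaskDSN(dsn string) string {
	switch {
	case strings.HasPrefix(dsn, "mysql|"):
		return mysqlDSN.ReplaceAllString(dsn, "${1}******${2}")
	case strings.HasPrefix(dsn, "oracle|") && strings.Contains(dsn, "password="):
		return oraKVDSN.ReplaceAllString(dsn, `${1}"******"`)
	case strings.HasPrefix(dsn, "oracle|"):
		return oraLegacyDSN.ReplaceAllString(dsn, "${1}******${2}")
	}
	return dsn // unknown driver prefix: nothing recognised to mask
}
```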


3. Feature walkthrough

3.1 Generate a key

$ gt-dsn-crypt gen-key
Is7oYfqpCNZc6mD8kKY/yFevgYrjU//y4SM2K40yzM4=

$ export GT_CHECKSUM_DSN_KEY="Is7oYfqpCNZc6mD8kKY/yFevgYrjU//y4SM2K40yzM4="

This is a base64-encoded 32-byte random key. For production, store it in a secure key management system, or inject it into the task process through an environment variable.

3.2 Generate the password ciphertext

It is recommended to write the database password to a temporary file first and then encrypt it with --password-file:

$ printf '%s' 'GreatSQL@2026!' > ./password.txt

$ GT_CHECKSUM_DSN_KEY="$KEY" gt-dsn-crypt encrypt --password-file ./password.txt
ENC[v1:aes256gcm:default:Qk1...:8dF...]

You can also pass --password directly:

gt-dsn-crypt encrypt --key "$KEY" --password 'GreatSQL@2026!'

However, this form can be recorded in shell history and is not recommended in production.

3.3 Write gc.conf

srcDSN=mysql|user:ENC[v1:aes256gcm:default:Qk1...:8dF...]@tcp(10.0.0.1:3306)/information_schema?charset=utf8mb4
dstDSN=mysql|user:ENC[v1:aes256gcm:default:9mA...:rK2...]@tcp(10.0.0.2:3306)/information_schema?charset=utf8mb4

tables=db.*
checkObject=data
datafix=file

Note: the source and target can use the same key to generate their ciphertexts, or use different kid values to record different key ids. In the current implementation, however, the single key supplied at runtime must be able to unlock every ciphertext in that configuration.

3.4 Start gt-checksum

$ GT_CHECKSUM_DSN_KEY="$KEY" gt-checksum -c ./gc.conf

Initializing gt-checksum
Reading configuration files
Opening log files
Checking configuration options
gt-checksum: Starting table checks
...

Or use --key:

$ gt-checksum -c ./gc.conf --key "$KEY"

3.5 repairDB with a ciphertext dstDSN

repairDB only connects to the target, so it reads and decrypts only dstDSN:

dstDSN=mysql|user:ENC[v1:aes256gcm:default:9mA...:rK2...]@tcp(10.0.0.2:3306)/information_schema?charset=utf8mb4
fixFileDir=./fixsql

To run the repair:

$ GT_CHECKSUM_DSN_KEY="$KEY" repairDB -conf ./gc.conf ./fixsql

[REPAIR] Processing: table.db.orders.INSERT-1.sql ... OK
...

3.6 Verify decryption

If you need to confirm that the password behind a given ciphertext is correct, use decrypt:

$ GT_CHECKSUM_DSN_KEY="$KEY" gt-dsn-crypt decrypt --ciphertext 'ENC[v1:aes256gcm:default:Qk1...:8dF...]'
GreatSQL@2026!

The decrypt command should be used only for temporary local verification, so that plaintext is not written to a shared terminal, CI logs, or a work-order system.

3.7 Example of the plaintext password error

If the configuration file still uses a plaintext password:

srcDSN=mysql|user:plain_password@tcp(10.0.0.1:3306)/information_schema?charset=utf8mb4

startup fails immediately:

$ gt-checksum -c ./gc.conf

gt-checksum: invalid srcDSN password: dsn password must use ENC[...] ciphertext

If no key is available:

$ gt-checksum -c ./gc.conf

gt-checksum: invalid srcDSN password: dsn encryption key is required

4. Best practices and usage limitations

4.1 Best practices

1. Always use --password-file for encryption in production

Compared with --password, --password-file keeps the password out of shell history:

printf '%s' '数据库密码' > ./password.txt
GT_CHECKSUM_DSN_KEY="$KEY" gt-dsn-crypt encrypt --password-file ./password.txt
rm -f ./password.txt

2. Do not keep the key together with gc.conf

Do not write the key into the configuration file, and do not put a key file in the same directory as gc.conf and ship them together. Use instead:

  • CI/CD secrets
  • Kubernetes Secrets
  • Operating-system environment variables
  • An enterprise key management system

3. Use --key to temporarily override the environment variable

If you run verification tasks for several projects on the same machine, use --key to specify the current task's key explicitly, so that a stale key left in the environment variable is not used by mistake:

gt-checksum -c ./gc-prod.conf --key "$PROD_DSN_KEY"

4. Logs can be shared; the configuration and key cannot

v4.0.0 desensitizes DSNs in all logs, so log files are comparatively safe. The ENC[...] ciphertext in the configuration file and the runtime key, however, must still be handled as sensitive information.

5. Rotate keys and ciphertexts regularly

When project members change or the configuration file has been sent out, regenerate the key and regenerate the srcDSN / dstDSN ciphertexts. The kid field in ENC[...] can record a key id, which makes manual tracking of key versions easier.

6. Combine with SSL-encrypted connections

DSN ciphertext protects "the password in the static configuration file", while SSL protects "data in transit on the network at runtime". The two solve different problems, and enabling both in production is recommended:

srcDSN=mysql|user:ENC[...]@tcp(src-host:3306)/information_schema?charset=utf8mb4
dstDSN=mysql|user:ENC[...]@tcp(dst-host:3306)/information_schema?charset=utf8mb4
srcSslMode=VERIFY_CA
dstSslMode=VERIFY_CA

4.2 Usage limitations

1. Plaintext passwords are no longer accepted

From v4.0.0 on, srcDSN / dstDSN passwords must use ENC[...]. If an older configuration still uses a plaintext password, it must first be migrated to the ciphertext format, otherwise startup fails.

2. The key must be a base64-encoded 32-byte random value

A key produced by gt-dsn-crypt gen-key can be used directly. If you create a key manually, make sure its length after base64 decoding is exactly 32 bytes, otherwise this error is reported:

dsn encryption key must be base64 encoded 32 bytes

3. Key files are not supported

The tool provides no --key-file parameter, and the key is not read from the configuration file. The key can only be supplied through --key or GT_CHECKSUM_DSN_KEY.

4. The ciphertext protects only the password, not the whole DSN

ENC[...] encrypts only the password; host, port, database name, charset, SSL parameters, and so on remain in plaintext in the configuration file, so that the operational information needed for troubleshooting stays available. If the connection target itself is sensitive, additional protection must come from configuration-file permissions and the deployment system.

5. The password cannot be recovered once the key is lost

AES-256-GCM is symmetric encryption; without the correct key, ENC[...] cannot be decrypted. The key must therefore be backed up and managed properly. If it is lost, the only recourse is to obtain the database password again and regenerate the ciphertext.

6. The decrypt command outputs plaintext

gt-dsn-crypt decrypt exists to verify locally that a ciphertext is correct, and its output is the plaintext password. Do not run it in a shared terminal, a CI pipeline, or anywhere its output is logged publicly.


5. Summary

The DSN ciphertext protection in gt-checksum v4.0.0 raises connection-string password security to a mandatory default. Plaintext passwords are no longer allowed in the configuration file; at startup a 32-byte base64 key must be supplied through --key or GT_CHECKSUM_DSN_KEY, the program decrypts in memory before connecting to the database, and all DSN log output is uniformly desensitized.

Around this capability, v4.0.0 forms a complete closed loop:

  • gt-dsn-crypt gen-key: generate a 32-byte random key
  • gt-dsn-crypt encrypt: produce AES-256-GCM ENC[...] ciphertext
  • gt-dsn-crypt decrypt: verify decryption locally
  • gt-checksum --key / GT_CHECKSUM_DSN_KEY: decrypt srcDSN / dstDSN at runtime
  • repairDB --key / GT_CHECKSUM_DSN_KEY: decrypt dstDSN at runtime
  • Unified log desensitization: prevents plaintext or ciphertext from leaking again

One-sentence summary: srcDSN=mysql|user:ENC[...]@... keeps the database password from ever appearing again in configuration files and logs.

