How to Encrypt Passwords in MaxL Scripts

There are obvious security concerns at storing clear-text passwords in scripts. Here is how you encrypt MaxL (essmsh) scripts so that there are no clear-text passwords showing.
 
First of all we need to generate random public and private encryption keys using the following command:
 
essmsh –gk > myKeys.txt
 
The resulting myKeys.txt will contain the keys, you should keep this file somewhere safe, here are the contents:
 
Public Key for Encryption: 25891,2909413183
Private Key for Decryption: 2520849883,2909413183
 
Then we also need a script to convert, e.g. Finance.mxl, contents as follows:
 
login 'admin' 'password' on 'severname';
spool on to 'E:\CalcConsole\Logs\Finance.log';
import database DFinance.Finance data connect as 'admin' identified by 'password' using server rules_file PLSQL on error write to 'E:\CalcConsole\Logs\PLSQL.err';
execute calculation DFinance.Finance.Night;
spool off;
Exit;
 
To encrypt the script we use the public key like this:
 
essmsh –E Finance.mxl 25891,2909413183
 
Which generates a file called Finance.mxls (note the ‘s’ on the end of the file extension which I suppose stands for “secure”), this no longer has clear-text passwords, contents as follows:
 
login $key 106005741293930722520707386301 $key 0404020362185807397114384020618985408471 on 'mdcdev003';
spool on to 'E:\CalcConsole\Logs\Finance.log';
import database DFinance.Finance data connect as $key 106005741293930722520707386301 identified by $key 0404020362185807397114384020618985408471 using server rules_file PLSQL on error write to 'E:\CalcConsole\Logs\PLSQL.err';
execute calculation DFinance.Finance.Night;
spool off;
Exit;
 
The last step is to actually run the script, we need to use the private key to do this:
 
essmsh –D Finance.mxls 2520849883,2909413183
 
The theory behind public/private key encryption is that because both keys are required to generate the actual password, and a potential hacker never has access to both the keys, they will not be able to “crack” the password.