About | Contact | Impressum

Home |  Code |  Articles |  Misc |  x
Firebird |  Talks |  Character Sets |  x
General |  1.0 |  1.5 |  2.0 |  2.1 |  2.5 |  3.0 |  x

GSEC — Firebird User Administration

GSEC is Firebird's command line tool for user administration issues.

All database users are stored in the security database named isc4.gdb (Firebird 1.0), security.fdb (Firebird 1.5) or security2.fdb (Firebird 2.0) in the Firebird directory. There is always at least one user, the system database administrator, SYSDBA.

After installation, the SYSDBA password is "masterkey". (Exception: Firebird 1.5 for Linux)

Only the first 8 characters of a password are significant. The password should not contain space characters.

Invoking GSEC

GSEC can only be run by the SYSDBA. 

To use GSEC for the local machine, use:

    gsec -user sysdba -password <password> [options]

To use GSEC for a remote machine, use:

    gsec -user sysdba -password <password> -database <databasename>

where <databasename> is the database name of the remote security.fdb or security2.fdb database.

You can use GSEC has an interactive command line tool or give all commands on one command line. 


Displays all users
di[splay] <username>
Displays all information for the given user
a[dd] <username> -pw <password> [options]
Add a new user
mo[dify] <username> [options]
Modify user
de[lete] <username>
Delete user
Display help
Display help
Quit interactive mode
Display GSEC version number

Wenn you don't want to invoke the interactive mode, you can give all commands directly in the command line. To do that, precede the commands with a dash.


-pa[ssword] <password>
Password of the user who is performing the change
-user <username>
User name of the user who is performing the change
-fet[ch_password] <filename>
Instead of -password: Fetch password from the file so it is not visible in the command line. When <filename> is stdin, the user will be prompted for the password. [Firebird 2.5]
-pw <password>
Password of target user (or new password)
-fname <first name>
Target user's first name
-mname <middle name>
Target user's middle name
-lname <last name>
Target user's last name


Add user Elvis Presley as user ELVIS, password is "Aaron"

gsec -user SYSDBA -password masterkey
GSEC> add elvis -pw Aaron -fname Elvis -lname Presley
GSEC> quit

Change password of user ELVIS to "chuck"

gsec -user SYSDBA -password masterkey
GSEC> modify elvis -pw chuck
GSEC> quit

Change password of SYSDBA from "masterkey" to "MyKey37"

gsec -user SYSDBA -password masterkey -modify sysdba -pw MyKey37

Change password of SYSDBA to "hamburg" on remote Linux server "harry"

gsec -user SYSDBA -password masterkey -database harry:/opt/firebird/security.fdb -modify sysdba -pw hamburg

Change password of SYSDBA on remote Windows server "sally" to "hannover"

gsec -user SYSDBA -password masterkey -database sally:"C:\Program Files\Firebird\security.fdb" -modify sysdba -pw hannover

Change password of SYSDBA on remote server "jake" on TCP port 3051 to "london"

gsec -user SYSDBA -password masterkey -database jake/3051:/opt/firebird/security.fdb" -modify sysdba -pw london

Delete user Joe on local server

gsec -user SYSDBA -password masterkey -delete joe


On Borland InterBase systems, the security database is named isc4.gdb.

There will be a warning when a new password is longer than 8 characters.

Stefan Heymann, 2009-11-20

This documentation is licensed under (choose your favorite): GPL, LGPL, CC, IDPL, GFDL, BSD, (did I forget one?)