Hash the default password ?
205 views
Skip to first unread message
jan.go...@enervalis.com
Jan 31, 2017, 5:14:34 AM1/31/17
to rabbitmq-users
Is there a way to store the default password in a hashed format ?
Consider the following configuration, is there a way to specify a hash instead of "verycomplicatedpassword" ?
TIA !
[
{rabbit, [
{tcp_listeners, [{"0.0.0.0", 5672}]},
{log_levels, [{connection, debug}]},
{default_user, <<"admin">>},
{default_pass, <<"verycomplicatedpassword">>},
{default_vhost, <<"default">>}
]}
].Michael Klishin
Jan 31, 2017, 5:16:40 AM1/31/17
to rabbitm...@googlegroups.com
You can provide a hash via HTTP API or delete the default
user and create a new one via `rabbitmqctl`.
3.7.0 will support a generic way to provide encrypted values in the config
but it's not worth the pain for this case.
--
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-users+unsubscribe@googlegroups.com.
To post to this group, send email to rabbitmq-users@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
MK
Staff Software Engineer, Pivotal/RabbitMQ
Arnaud Cogoluègnes
Jan 31, 2017, 5:26:03 AM1/31/17
to rabbitm...@googlegroups.com
Configuration entry encryption [1] is actually available since 3.6.6 [2], but looks indeed a bit overkill for this case.
On Tue, Jan 31, 2017 at 11:16 AM, Michael Klishin <mkli...@pivotal.io> wrote:
You can provide a hash via HTTP API or delete the defaultuser and create a new one via `rabbitmqctl`.3.7.0 will support a generic way to provide encrypted values in the configbut it's not worth the pain for this case.
On Tue, Jan 31, 2017 at 1:14 PM, <jan.go...@enervalis.com> wrote:
Is there a way to store the default password in a hashed format ?Consider the following configuration, is there a way to specify a hash instead of "verycomplicatedpassword" ?TIA !
{rabbit, [
{tcp_listeners, [{"0.0.0.0", 5672}]},
{log_levels, [{connection, debug}]},
{default_user, <<"admin">>},
{default_pass, <<"verycomplicatedpassword">>},
{default_vhost, <<"default">>}
]}
].
--
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-users+unsubscribe@googlegroups.com.
To post to this group, send email to rabbitm...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--MKStaff Software Engineer, Pivotal/RabbitMQ
Jan Goyvaerts
Jan 31, 2017, 5:26:31 AM1/31/17
to rabbitm...@googlegroups.com
I know the password must be changed at first login - but this is in case the discipline wasn't applied. :-)
The password in the config file will correspond with the real password.
On Tue, Jan 31, 2017 at 11:16 AM, Michael Klishin <mkli...@pivotal.io> wrote:
You can provide a hash via HTTP API or delete the defaultuser and create a new one via `rabbitmqctl`.3.7.0 will support a generic way to provide encrypted values in the configbut it's not worth the pain for this case.
On Tue, Jan 31, 2017 at 1:14 PM, <jan.go...@enervalis.com> wrote:
Is there a way to store the default password in a hashed format ?Consider the following configuration, is there a way to specify a hash instead of "verycomplicatedpassword" ?TIA !
{rabbit, [
{tcp_listeners, [{"0.0.0.0", 5672}]},
{log_levels, [{connection, debug}]},
{default_user, <<"admin">>},
{default_pass, <<"verycomplicatedpassword">>},
{default_vhost, <<"default">>}
]}
].
--
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-users+unsubscribe@googlegroups.com.
To post to this group, send email to rabbitm...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--MKStaff Software Engineer, Pivotal/RabbitMQ
--
You received this message because you are subscribed to a topic in the Google Groups "rabbitmq-users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/rabbitmq-users/YpgOloOGQGo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to rabbitmq-users+unsubscribe@googlegroups.com.
To post to this group, send email to rabbitmq-users@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Michael Klishin
Jan 31, 2017, 5:29:57 AM1/31/17
to rabbitm...@googlegroups.com
Actually, I see that https://github.com/rabbitmq/rabbitmq-server/issues/979 is in 3.6.6.
Again, I think it's an overkill for this particular case but feel free to give it a try. See
Configuration Entry Encryption in http://www.rabbitmq.com/configure.html.
--
--
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-users+unsubscribe@googlegroups.com.
To post to this group, send email to rabbitmq-users@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
milosb
Feb 6, 2024, 8:35:21 AM2/6/24
to rabbitmq-users
Could someone help me to convert following encoded password for default user from old config format to new one (it is taken from official rabbitmq doc, do not mind content)?
[ {rabbit, [ {default_user, <<"guest">>}, {default_pass, {encrypted, <<"cPAymwqmMnbPXXRVqVzpxJdrS8mHEKuo2V+3vt1u/fymexD9oztQ2G/oJ4PAaSb2c5N/hRJ2aqP/X0VAfx8xOQ==">> } }, {config_entry_decoder, [ {passphrase, <<"mypassphrase">>} ]} ]} ].
It ends up for me like this, but it is not working:
default_user = guest
default_pass.encrypted = cPAymwqmMnbPXXRVqVzpxJdrS8mHEKuo2V+3vt1u/fymexD9oztQ2G/oJ4PAaSb2c5N/hRJ2aqP/X0VAfx8xOQ==
config_entry_decoder.passphrase = mypassphrase
default_pass.encrypted = cPAymwqmMnbPXXRVqVzpxJdrS8mHEKuo2V+3vt1u/fymexD9oztQ2G/oJ4PAaSb2c5N/hRJ2aqP/X0VAfx8xOQ==
config_entry_decoder.passphrase = mypassphrase
kind regard
Milos
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
To post to this group, send email to rabbitm...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--MKStaff Software Engineer, Pivotal/RabbitMQ
--
You received this message because you are subscribed to a topic in the Google Groups "rabbitmq-users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/rabbitmq-users/YpgOloOGQGo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to rabbitmq-user...@googlegroups.com.
To post to this group, send email to rabbitm...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
----
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
Luke Bakken
Feb 9, 2024, 12:28:02 PM2/9/24
to rabbitmq-users
Milos,
Replying to a 7-year-old discussion is not advised, because most of the time people won't notice it.
Secondly, the rabbitmq.conf file does not support encryption of values. You will have to use the advanced.config file for this purpose.
Thanks,
LUke
Reply all
Reply to author
Forward
0 new messages