You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Brandon Williams (JIRA)" <ji...@apache.org> on 2014/02/05 22:08:08 UTC

[jira] [Commented] (CASSANDRA-6660) Make node tool command take a password file

    [ https://issues.apache.org/jira/browse/CASSANDRA-6660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13892570#comment-13892570 ] 

Brandon Williams commented on CASSANDRA-6660:
---------------------------------------------

Historically (CASSANDRA-5316, CASSANDRA-6279) we've felt that if you need to get this fancy, it's time to be using your own tool, but I wouldn't be against adding it if we had a patch.  Probably the best way to do this is with a simple property file that can be specified on the command line.

> Make node tool command take a password file
> -------------------------------------------
>
>                 Key: CASSANDRA-6660
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-6660
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Vishy Kasar
>
> We are sending the jmx password in the clear to the node tool command in production. This is a security risk. Any one doing a 'ps' can see the clear password. Can we change the node tool command to also take a password file argument. This file will list the JMX user and passwords. Example below:
> cat /cassandra/run/10003004.jmxpasswd
> monitorRole abc
> controlRole def
> Based on the user name provided, node tool can pick up the right password. 



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)