cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sasha Dolgy <>
Subject Re: encryption_options & 0.8
Date Wed, 27 Apr 2011 09:15:04 GMT
Although it's crude, websphere for example provides a simple, internal
hashing algorithm to encrypt the clear text passwords.  it's quite
easy to decrypt the passwords ... however, it's an extra step that
takes a bit more time ... as opposed to saying, "hi, here are my
cleartext passwords.  have fun"

even something crude like base64 encode/decode on the cleartext string
would be better than clear text. when cassandra is loading the
cassandra.yaml and it gets to encryption_options, it can perform a
base64 decode against the encoded string.


On Wed, Apr 27, 2011 at 5:09 AM, David Strauss <> wrote:
> On Tue, 2011-04-26 at 08:57 +0200, Sasha Dolgy wrote:
>> Is it possible to store an encrypted keystore_password and
>> truststore_password in the cassandra.yaml?  I see that the defaults
>> allow cleartext which isn't suitable when negotiating with security
>> specialists for sign-off of a solution...
> If the passwords are encrypted, when and how would they be decrypted?

View raw message