cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sameer Farooqui <cassandral...@gmail.com>
Subject Questions about using MD5 encryption with SimpleAuthenticator
Date Mon, 16 May 2011 22:55:21 GMT
Hi all,

We are trying to use MD5 encrypted passwords. Quick question first - Is
SHA-2 supported yet? US-CERT of the U. S. Department of Homeland Security
has said that MD5 "should be considered cryptographically broken and
unsuitable for further use”, and SHA-2 family of hash functions is
recommended.

The issue I'm seeing is that when I turn on MD5 encryption, I can't log into
the cluster from Cassandra-CLI (I get a login failure).

The cassandra.in.sh file has been changed as so:

JVM_OPTS="

-Dpasswd.properties=/home/ubuntu/apache-cassandra-0.8.0-beta1/conf/passwd.properties
\

-Daccess.properties=/home/ubuntu/apache-cassandra-0.8.0-beta1/conf/access.properties
\
        -Dpasswd.mode=MD5"


And I ran this python script to generate a MD5 hash:
ubuntu@darknet:~$ python
Python 2.6.6 (r266:84292, Sep 15 2010, 15:52:39)
[GCC 4.4.5] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from hashlib import md5
>>> p = "nosql"
>>> h = md5(p).hexdigest()
>>> print h
9fa1b39e7eb877367213e6f7e37d0b01


Then I updated the passwd.properties file with the new hashed password:
jdoe=9fa1b39e7eb877367213e6f7e37d0b01


Also, the access.properties file is properly set so that jdoe has rw access
to the keyspace and CF:
MyKeyspace.<rw>=jdoe,jsmith
MyKeyspace.MyCF.<rw>=jsmith,jdoe


But when I try to connect to the cluster now, I'm getting a login failure. I
have tried a few different ways of connecting:

Ran this from the Cassandra CLI:
[default@unknown] connect ec2-50-19-26-189.compute-1.amazonaws.com/9160 jdoe
'9fa1b39e7eb877367213e6f7e37d0b01';
Login failure. Did you specify 'keyspace', 'username' and 'password'?


Ran these from the Ubuntu CLI:
ubuntu@domU-12-31-39-0C-D9-13:~/apache-cassandra-0.8.0-beta1$
bin/cassandra-cli -h ec2-50-19-26-189.compute-1.amazonaws.com -p 9160 -u
jdoe -pw 9fa1b39e7eb877367213e6f7e37d0b01 -k MDR
Login failure. Did you specify 'keyspace', 'username' and 'password'?


ubuntu@domU-12-31-39-0C-D9-13:~/apache-cassandra-0.8.0-beta1$
bin/cassandra-cli -h ec2-50-19-26-189.compute-1.amazonaws.com -p 9160 -u
jdoe -pw '9fa1b39e7eb877367213e6f7e37d0b01' -k MDR
Login failure. Did you specify 'keyspace', 'username' and 'password'?


Hmm, what am I doing wrong?

- Sameer

Mime
View raw message