geode-issues mailing list archives

From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (GEODE-718) Gfsh history exposes passwords
Date Mon, 04 Jan 2016 21:53:39 GMT

    [ https://issues.apache.org/jira/browse/GEODE-718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081879#comment-15081879 ]

ASF subversion and git services commented on GEODE-718:
-------------------------------------------------------

Commit 9bca880bfce2af96c48dc6a36c0c6573431f6345 in incubator-geode's branch refs/heads/feature/GEODE-715
from [~jens.deppe]
[ https://git-wip-us.apache.org/repos/asf?p=incubator-geode.git;h=9bca880 ]

GEODE-718: Sanitize passwords in gfsh history file


> Gfsh history exposes passwords
> ------------------------------
>
>                 Key: GEODE-718
>                 URL: https://issues.apache.org/jira/browse/GEODE-718
>             Project: Geode
>          Issue Type: Improvement
>          Components: management
>            Reporter: Jens Deppe
>
> When using the gfsh connect statement, the entire connect statement is getting logged in the gfsh history file, and it shows the password for the key store in clear text in the history file.
> Here is an example connect statement that is typically executed by an automation Linux script.
> {noformat}
> $ ./gfsh
>     _________________________     __
>    / _____/ ______/ ______/ /____/ /
>   / /  __/ /___  /_____  / _____  /
>  / /__/ / ____/  _____/ / /    / /
> /______/_/      /______/_/    /_/    v1.0.0-incubating-SNAPSHOT
> Monitor and Manage GemFire
> gfsh>connect --locator=vm-abcd[41111] --use-ssl=true --key-store=/var/gemfire//conf/keystore/tomcat.jks --key-store-password=blah-blah --trust-store=/var/gemfire/conf/keystore/tomcat.jks --trust-store-password=blah-blah --ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 --protocols=TLSv1.2
> Connecting to Locator at [host=vm-abcd, port=41111] ..
> Connecting to Manager at [host=vm-abcd, port=1099] ..
> Successfully connected to: [host=vm-abcd, port=1099]
> Cluster-101 gfsh>history
> 1 …
> 2 …
> 3 connect --locator=vm-abcd[41111] --use-ssl=true --key-store=/var/gemfire/conf/keystore/tomcat.jks --key-store-password=blah-blah --trust-store=/var/gemfire/conf/keystore/tomcat.jks --trust-store-password=blah-blah --ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 --protocols=TLSv1.2
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
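
The kind of sanitization the commit title describes, as an added example that is not Geode's code or the commit's implementation: mask the value of every option whose name contains `password` before a line reaches the history file, and flag lines in an existing history that still hold a cleartext value. The regex, the `*****` mask, the function names and the sample history are assumptions built from the connect statement in the report.

```python
import re

# Assumption: any option whose name contains "password" carries a secret,
# e.g. --key-store-password and --trust-store-password from the report.
_SECRET_OPT = re.compile(
    r"""(--[\w-]*password[\w-]*)   # option name
        (\s*=\s*|\s+(?!--))        # '=' separator, or a space not followed by another option
        ("[^"]*"|'[^']*'|\S+)      # double-quoted, single-quoted or bare value
    """,
    re.IGNORECASE | re.VERBOSE,
)
MASK = "*****"


def sanitize(line: str) -> str:
    """Return the command line with every password option value masked."""
    return _SECRET_OPT.sub(lambda m: f"{m.group(1)}{m.group(2)}{MASK}", line)


def audit(history_lines):
    """Return 1-based numbers of history lines that still hold a cleartext value."""
    return [n for n, line in enumerate(history_lines, 1) if sanitize(line) != line]


# Constructed sample history; line 3 is the connect statement from the report.
SAMPLE_HISTORY = [
    "list members",
    "describe member --name=server1",
    "connect --locator=vm-abcd[41111] --use-ssl=true "
    "--key-store=/var/gemfire/conf/keystore/tomcat.jks "
    "--key-store-password=blah-blah "
    "--trust-store=/var/gemfire/conf/keystore/tomcat.jks "
    "--trust-store-password=blah-blah "
    "--ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 --protocols=TLSv1.2",
]

if __name__ == "__main__":
    print("lines with cleartext passwords:", audit(SAMPLE_HISTORY))
    for entry in SAMPLE_HISTORY:
        print(sanitize(entry))
```

Option names that merely contain `password` but hold a non-secret value are masked as well; for a history file, over-redaction is the safer failure.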
