[ https://issues.apache.org/jira/browse/GEODE-718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15081446#comment-15081446 ]

ASF subversion and git services commented on GEODE-718:
-------------------------------------------------------

Commit 9bca880bfce2af96c48dc6a36c0c6573431f6345 in incubator-geode's branch 
refs/heads/develop from [~jens.deppe]
[ https://git-wip-us.apache.org/repos/asf?p=incubator-geode.git;h=9bca880 ]

GEODE-718: Sanitize passwords in gfsh history file


> Gfsh history exposes passwords
> ------------------------------
>
>                 Key: GEODE-718
>                 URL: https://issues.apache.org/jira/browse/GEODE-718
>             Project: Geode
>          Issue Type: Improvement
>          Components: management
>            Reporter: Jens Deppe
>
> When using gfsh connect statement, the entire connect statement is getting 
> logged in the gfsh history file, and it shows the password for the key store 
> in clear text in the history file.
> Here is an example connect statement that is typically executed by an 
> automation Linux script.
> {noformat}
> $ ./gfsh
>     _________________________     __
>    / _____/ ______/ ______/ /____/ /
>   / /  __/ /___  /_____  / _____  /
>  / /__/ / ____/  _____/ / /    / /
> /______/_/      /______/_/    /_/    v1.0.0-incubating-SNAPSHOT
> Monitor and Manage GemFire
> gfsh>connect --locator=vm-abcd[41111] --use-ssl=true 
> --key-store=/var/gemfire//conf/keystore/tomcat.jks 
> --key-store-password=blah-blah 
> --trust-store=/var/gemfire/conf/keystore/tomcat.jks 
> --trust-store-password=blah-blah 
> --ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 --protocols=TLSv1.2
> Connecting to Locator at [host=vm-abcd, port=41111] ..
> Connecting to Manager at [host=vm-abcd, port=1099] ..
> Successfully connected to: [host=vm-abcd, port=1099]
> Cluster-101 gfsh>history
> 1 …
> 2 …
> 3 connect --locator=vm-abcd[41111] --use-ssl=true 
> --key-store=/var/gemfire/conf/keystore/tomcat.jks 
> --key-store-password=blah-blah 
> --trust-store=/var/gemfire/conf/keystore/tomcat.jks 
> --trust-store-password=blah-blah 
> --ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 --protocols=TLSv1.2
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
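
The commit referenced above sanitizes passwords before they reach the gfsh history file. As an added illustration (not the code from that commit, and not Geode's own API), the Java class below masks the value of any option whose name ends in `password` before a line is stored; the class name, the mask string and the regular expression are assumptions made for this example.

```java
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Added illustration: masks password option values in a command line. */
public class HistoryRedactor {
    // Group 1: any option whose name ends in "password", up to and including '='
    //          (e.g. --key-store-password=, --trust-store-password=).
    // Group 2: the value, either a double-quoted string or a run of non-whitespace.
    private static final Pattern PASSWORD_OPTION = Pattern.compile(
        "(--[\\w-]*password=)(\"[^\"]*\"|\\S*)",
        Pattern.CASE_INSENSITIVE);

    // Assumed mask, chosen for this example.
    static final String MASK = "*****";

    /** Returns the line with every password option value replaced by MASK. */
    static String redact(String line) {
        Matcher m = PASSWORD_OPTION.matcher(line);
        return m.replaceAll("$1" + Matcher.quoteReplacement(MASK));
    }

    public static void main(String[] args) {
        // Constructed sample lines, modelled on the connect statement in the issue.
        List<String> history = List.of(
            "connect --locator=vm-abcd[41111] --use-ssl=true"
                + " --key-store=/var/gemfire/conf/keystore/tomcat.jks"
                + " --key-store-password=blah-blah"
                + " --trust-store=/var/gemfire/conf/keystore/tomcat.jks"
                + " --trust-store-password=\"blah blah\""
                + " --protocols=TLSv1.2",
            "list members");

        for (String line : history) {
            String safe = redact(line);
            // Fail loudly if the sample secret is still present after redaction.
            if (safe.contains("blah")) {
                throw new AssertionError("secret survived redaction: " + safe);
            }
            System.out.println(safe);
        }
    }
}
```

Redacting new entries does not change lines that were already written in clear text; the same `redact` method can be run over an existing history file line by line.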
