[dnsdist] please consider generating a hashed one using 'hashPassword()'
Remi Gacogne
remi.gacogne at powerdns.com
Mon Oct 4 07:26:25 UTC 2021
Hi Denis,
On 10/2/21 22:47, Denis MACHARD via dnsdist wrote:
> With the alpha release of dnsdist 1.7.0, we have the new following log
> message during startup:
>
> Passing a plain-text password via the 'password' parameter to
> 'setWebserverConfig()' is not advised, please consider generating a
> hashed one using 'hashPassword()' instead.
> Passing a plain-text API key via the 'apiKey' parameter to
> 'setWebserverConfig()' is not advised, please consider generating a
> hashed one using 'hashPassword()' instead.
>
> I just want to report that this great feature (PR 10157) ismissing in
> the changelog,
You are right, it did not make it into the Upgrade guide either. I'll
fix that, thanks!
> By the way, I made a small to tool to generate the hash password without
> dnsdist, it's can be useful for automated deployment
> https://github.com/dmachard/dnsdist-console
> <https://github.com/dmachard/dnsdist-console>
>
> pip install dnsdist_console
>
> python3 -c "from dnsdist_console import HashPassword as
> H;print(H().generate(\"mysupersecret\"))"
> $scrypt$ln=10,p=1,r=8$rY9YB+QnTOkxKOBlNUUYaw==$4C4Hm5IFiOTluLkjGtPMl4FtYQIwJvSA/eb7uqAlFg4=
That's great, thanks a lot!
Best regards,
--
Remi Gacogne
PowerDNS.COM BV - https://www.powerdns.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.powerdns.com/pipermail/dnsdist/attachments/20211004/90d2e11d/attachment.sig>
More information about the dnsdist
mailing list