[GitHub] zeppelin issue #2599: [ZEPPELIN-2952] encrypt credentials.json with AES
Github user Leemoonsoo commented on the issue: https://github.com/apache/zeppelin/pull/2599 Thanks @herval for the contribution!! I tried this branch and have few feedbacks. Document I could able to create encrypt key with following command. ``` openssl enc -aes-128-cbc -k secret -P -md sha1 ``` I'm not sure it's preferred way or there's any better way to create key. Anyway, It'll be easier to use if we can document this new environment variable with how to generate key in `/docs/setup/operation/configuration.md`. Protect AES key In my understanding, if any user can get both AES key (in `conf/zeppelin-env.sh`) and `conf/credentials.json`, user can decrypt the file. What do you think? will there be a way to prevent user get both key and encrypted file? ---
[GitHub] zeppelin issue #2599: [ZEPPELIN-2952] encrypt credentials.json with AES
Github user Leemoonsoo commented on the issue: https://github.com/apache/zeppelin/pull/2599 One CI failure https://travis-ci.org/herval/zeppelin/jobs/283036367 is license check and looks like `zeppelin-interpreter/src/main/java/org/apache/zeppelin/user/Encryptor.java` misses apache license header in the beginning of the file. @herval do you mind add license header to this file? Other CI failure looks unrelated. so looks good to me except for this license header. ---
[GitHub] zeppelin issue #2599: [ZEPPELIN-2952] encrypt credentials.json with AES
Github user herval commented on the issue: https://github.com/apache/zeppelin/pull/2599 done :) ---
[GitHub] zeppelin issue #2599: [ZEPPELIN-2952] encrypt credentials.json with AES
Github user Leemoonsoo commented on the issue: https://github.com/apache/zeppelin/pull/2599 Thanks! LGTM and merge to master if no further comments. ---