On Wed, 2011-04-27 at 12:56 +0200, Sasha Dolgy wrote:
> "IBM WebSphere applies a hardcoded XOR. Each caracter is XOR'd with
> the caracter ‘_’, and the resulting string is encoded in base64. This
> is not cryptography, it is just enough encoding so that a casual
> glance at the file will not reveal
How about a more general (and encrypted!) solution: Add a password
decryption class to the YAML. If it is not defined, that means the passwords
are not encrypted, if it is defined, use it to decrypt the passwords.
That way, you need to steal both the YAML and the decryption class if you
want to st
"IBM WebSphere applies a hardcoded XOR. Each caracter is XOR'd with
the caracter ‘_’, and the resulting string is encoded in base64. This
is not cryptography, it is just enough encoding so that a casual
glance at the file will not reveal the password."
I'm sure there are many different options. K
Although it's crude, websphere for example provides a simple, internal
hashing algorithm to encrypt the clear text passwords. it's quite
easy to decrypt the passwords ... however, it's an extra step that
takes a bit more time ... as opposed to saying, "hi, here are my
cleartext passwords. have fu
On Tue, 2011-04-26 at 08:57 +0200, Sasha Dolgy wrote:
> Is it possible to store an encrypted keystore_password and
> truststore_password in the cassandra.yaml? I see that the defaults
> allow cleartext which isn't suitable when negotiating with security
> specialists for sign-off of a solution...
Is it possible to store an encrypted keystore_password and
truststore_password in the cassandra.yaml? I see that the defaults
allow cleartext which isn't suitable when negotiating with security
specialists for sign-off of a solution...
From: http://svn.apache.org/repos/asf/cassandra/trunk/conf/c
