Hi all, We are trying to use MD5 encrypted passwords. Quick question first - Is SHA-2 supported yet? US-CERT of the U. S. Department of Homeland Security has said that MD5 "should be considered cryptographically broken and unsuitable for further use”, and SHA-2 family of hash functions is recommended.
The issue I'm seeing is that when I turn on MD5 encryption, I can't log into the cluster from Cassandra-CLI (I get a login failure). The cassandra.in.sh file has been changed as so: JVM_OPTS=" -Dpasswd.properties=/home/ubuntu/apache-cassandra-0.8.0-beta1/conf/passwd.properties \ -Daccess.properties=/home/ubuntu/apache-cassandra-0.8.0-beta1/conf/access.properties \ -Dpasswd.mode=MD5" And I ran this python script to generate a MD5 hash: ubuntu@darknet:~$ python Python 2.6.6 (r266:84292, Sep 15 2010, 15:52:39) [GCC 4.4.5] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> from hashlib import md5 >>> p = "nosql" >>> h = md5(p).hexdigest() >>> print h 9fa1b39e7eb877367213e6f7e37d0b01 Then I updated the passwd.properties file with the new hashed password: jdoe=9fa1b39e7eb877367213e6f7e37d0b01 Also, the access.properties file is properly set so that jdoe has rw access to the keyspace and CF: MyKeyspace.<rw>=jdoe,jsmith MyKeyspace.MyCF.<rw>=jsmith,jdoe But when I try to connect to the cluster now, I'm getting a login failure. I have tried a few different ways of connecting: Ran this from the Cassandra CLI: [default@unknown] connect ec2-50-19-26-189.compute-1.amazonaws.com/9160 jdoe '9fa1b39e7eb877367213e6f7e37d0b01'; Login failure. Did you specify 'keyspace', 'username' and 'password'? Ran these from the Ubuntu CLI: ubuntu@domU-12-31-39-0C-D9-13:~/apache-cassandra-0.8.0-beta1$ bin/cassandra-cli -h ec2-50-19-26-189.compute-1.amazonaws.com -p 9160 -u jdoe -pw 9fa1b39e7eb877367213e6f7e37d0b01 -k MDR Login failure. Did you specify 'keyspace', 'username' and 'password'? ubuntu@domU-12-31-39-0C-D9-13:~/apache-cassandra-0.8.0-beta1$ bin/cassandra-cli -h ec2-50-19-26-189.compute-1.amazonaws.com -p 9160 -u jdoe -pw '9fa1b39e7eb877367213e6f7e37d0b01' -k MDR Login failure. Did you specify 'keyspace', 'username' and 'password'? Hmm, what am I doing wrong? - Sameer