We have implemented Cassandra integrated authentication following the article on https://cassandra.apache.org/doc/latest/operating/security.html#jmx-with-ssl . Now we have to use nodetool commands with -u and -pw parameters. That works fine.
But we want to avoid showing up the credentials (in history) issuing the nodetool command on commandline and we also want to use scripting/scripts on commandline and not having that password show up.
1) we tried using the -pwf option (with -u). But what should be the config of such a file? We tried putting in a file: username=<dbusername> password=<dbpassword> and jmx_username=<jmxusername> and jmx_password=<jmxpassword> and <username> <password>. Nothing works. Could it be this no longer works when having done the configuration steps for using integrated authentication? Or should the file be different?
2) I looked at datastax articles: https://docs.datastax.com/en/security/6.0/security/Auth/secCredentialsEnv.html
They are referring to a .dserc file. Is there also something like .nodetoolrc? (like cqlshrc)?
3) or is using environment variables in .bash_profile our only option now?