noelle.heerink-wijnja_161326 avatar image
noelle.heerink-wijnja_161326 asked Erick Ramirez commented

What is the format of the entries for the JMX password file?

We have implemented Cassandra integrated authentication following the article on . Now we have to use nodetool commands with -u and -pw parameters. That works fine.

But we want to avoid showing up the credentials (in history) issuing the nodetool command on commandline and we also want to use scripting/scripts on commandline and not having that password show up.

1) we tried using the -pwf option (with -u). But what should be the config of such a file? We tried putting in a file: username=<dbusername> password=<dbpassword> and jmx_username=<jmxusername> and jmx_password=<jmxpassword> and <username> <password>. Nothing works. Could it be this no longer works when having done the configuration steps for using integrated authentication? Or should the file be different?

2) I looked at datastax articles:

They are referring to a .dserc file. Is there also something like .nodetoolrc? (like cqlshrc)?

3) or is using environment variables in .bash_profile our only option now?

10 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

Erick Ramirez avatar image
Erick Ramirez answered Erick Ramirez commented

@noelle.heerink-wijnja_161326 Specifically on the JMX password file, you need to specify the full path with the -pwf flag:

$ nodetool -u jmx_user -pwf /etc/cassandra/jmxremote.password

The contents of the password file (I've called it jmxremote.password in my example but you can call it anything you want) is the JMX user name and the corresponding JMX password with one user per line. For example:

jmx_user SomeComp7exPass3ord
ops_user Cassan6raOpera2or
dev_user NoProd4ccess

Remember to secure the password file so only the Linux user which runs Cassandra can access it. For example:

$ sudo chown cassandra:cassandra /etc/cassandra/jmxremote.password
$ sudo chmod 400 /etc/cassandra/jmxremote.password


2 comments Share
10 |1000

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

noelle.heerink-wijnja_161326 avatar image noelle.heerink-wijnja_161326 commented ·

well yes that indeed worked. Thanks. Thought I tried it all but guess I did not. Thanks.

0 Likes 0 ·
Erick Ramirez avatar image Erick Ramirez ♦♦ noelle.heerink-wijnja_161326 commented ·

Good to hear! Cheers!

P.S. I've turned your answer into a comment. :)

0 Likes 0 ·