[rabbitmq-discuss] Securing RabbitMQ
Simon MacMullen
simon at rabbitmq.com
Tue Jan 31 10:40:33 GMT 2012
On 30/01/12 23:36, Alexandru Scvortov wrote:
> (posting again to the m/l)
>
>> Quick q: does RabbitMQ allow presenting a hashed password?
>
> No. The authentication system is pluggable, though, so you could
> easily write your own mechanism (see the src/rabbit_auth_mechanism_*
> files in the broker source tree for examples).
More specifically I didn't think it worth doing this since it would tie
authentication to the current password hashing scheme, and if you want
to avoid sending passwords in plaintext you probably want to avoid
sending anything in plaintext - so you should use SSL.
Actually, you don't want to just "present a hashed password" since that
implies you are storing the hashed password at the client, which implies
that it's not really hashed any more - you actually want something like
CRAM-MD5. But CRAM-MD5 requires unsalted hashes and isn't even
considered secure these days.
At one point I tried to invent a challenge response protocol that would
work with salted hashes, but then I came to my senses and realised I
should leave crypto protocol design to people who know what they're doing.
Cheers, Simon
--
Simon MacMullen
RabbitMQ, VMware
More information about the rabbitmq-discuss
mailing list