[rabbitmq-discuss] Securing RabbitMQ

Simon MacMullen simon at rabbitmq.com
Tue Jan 31 10:40:33 GMT 2012


On 30/01/12 23:36, Alexandru Scvortov wrote:
> (posting again to the m/l)
>
>> Quick q: does RabbitMQ allow presenting a hashed password?
>
> No.  The authentication system is pluggable, though, so you could
> easily write your own mechanism (see the src/rabbit_auth_mechanism_*
> files in the broker source tree for examples).

More specifically, I didn't think it worth doing this since it would tie 
authentication to the current password hashing scheme, and if you want 
to avoid sending passwords in plaintext you probably want to avoid 
sending anything in plaintext - so you should use SSL.

Actually, you don't want to just "present a hashed password" since that 
implies you are storing the hashed password at the client, which implies 
that it's not really hashed any more - you actually want something like 
CRAM-MD5. But CRAM-MD5 requires unsalted hashes and isn't even 
considered secure these days.

At one point I tried to invent a challenge response protocol that would 
work with salted hashes, but then I came to my senses and realised I 
should leave crypto protocol design to people who know what they're doing.

Cheers, Simon

-- 
Simon MacMullen
RabbitMQ, VMware
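An added illustration of the three designs contrasted in this thread (this is not code from the post or from RabbitMQ; the salted-SHA-256 record, the function names and the sample password are constructed stand-ins, and RabbitMQ's own hash format is not reproduced). It shows what each verifier accepts when handed the real password versus only the server's stored digest, which is why a client-stored hash is just a password under another name and why CRAM-MD5 forces the server to keep the password itself.

```python
from __future__ import annotations
import hashlib
import hmac
import os


def make_record(password: str) -> tuple[bytes, bytes]:
    """Server-side credential record: random salt and SHA-256(salt || password)."""
    salt = os.urandom(16)
    return salt, hashlib.sha256(salt + password.encode()).digest()


def verify_plaintext(record: tuple[bytes, bytes], password: str) -> bool:
    """Design 1: client sends the password (protected by SSL); server re-derives the hash."""
    salt, digest = record
    return hmac.compare_digest(hashlib.sha256(salt + password.encode()).digest(), digest)


def verify_presented_hash(record: tuple[bytes, bytes], presented: bytes) -> bool:
    """Design 2 ("present a hashed password"): the client sends the stored digest itself."""
    return hmac.compare_digest(record[1], presented)


def cram_md5_response(password: str, challenge: bytes) -> bytes:
    """Design 3, CRAM-MD5 (RFC 2195): HMAC-MD5 keyed with the password, so the
    server must hold the password (or an unsalted, password-equivalent key)."""
    return hmac.new(password.encode(), challenge, hashlib.md5).digest()


def compare_designs(password: str) -> dict[str, bool]:
    """What each design accepts given the real password, and given only the
    server's stored digest (what a database dump would expose)."""
    record = make_record(password)
    leaked_digest = record[1]
    challenge = os.urandom(8)                      # constructed server challenge
    expected = cram_md5_response(password, challenge)
    return {
        # Design 1: the digest is a verifier, not a credential.
        "plaintext_accepts_password": verify_plaintext(record, password),
        "plaintext_accepts_digest": verify_plaintext(record, leaked_digest.hex()),
        # Design 2: the digest *is* the credential, so hashing bought nothing.
        "presented_hash_accepts_digest": verify_presented_hash(record, leaked_digest),
        # Design 3: only the plaintext password can answer the challenge;
        # a salted record cannot, so the server would have to store the password.
        "cram_md5_from_password": hmac.compare_digest(
            expected, cram_md5_response(password, challenge)),
        "cram_md5_from_salted_record": hmac.compare_digest(
            expected, cram_md5_response(leaked_digest.hex(), challenge)),
    }
```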
