New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ship mosquitto_passwd separately or part of client package maybe? #2915
Comments
Maybe just use:
where
If you want to prepare an offline password file then you can use the same approach to create one by adding the
and then you can go back to the original command syntax:
If passwords turning up in your history log bothers you then you have two choices:
|
But I don't have docker, this is running on a remote kubernetes instance. |
Hi Andreas, We had a discussion about standalone password file generation (in pre-PBKDF2 times) on the mailing list prompted by a similar need. I did some work on a PHP implementation (see initial response to the ml question) and ended up doing a rudimentary PHP script for the, then solely supported, SHA512 based algorithm. You can find it at my tools repository (GPL-3.0-or-later): https://git.sr.ht/~mikini/hometools/tree/master/item/mosquitto_passwd.php. There's also a bit about it, and some more recent thoughts on PBKDF2 support, on my blog: Generating passwords for Mosquitto MQTT broker using PHP. Regards, |
Thanks Mikkel, cool, that's helpful... I guess I should be able to make an OpenSSL based on quite trivially too! cheers, |
When running mosquitto as part of a containerised environment, it is handy to be able to generate the password file outside the container running mosquitto. At the moment the only way to get
mosquitto_passwd
is through installing the entire broker, which kinda defeats the containerised approach...If only there was a package with just the
_passwd
utility, or with in theclient
package then it would make life easier (yes, that possible needs to be aimed at Debian maintainers etc).Is there a way to generate the password hashes in a scriptable, standalone way? I noticed
openssl passwd -6
can generate the "old" style passwords, but I really would prefer PBKDF2 hashes :-)The text was updated successfully, but these errors were encountered: