-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to securely store the password of Mosquitto as a client to RabbitMQ #640
Comments
Also, the bridge configuration they gave me uses "username" and "password" options for both of the connections (from RabbitMQ and to external system) This is quite confusing to me as the documentation (https://mosquitto.org/man/mosquitto-conf-5.html) only documents "user", "remote_username", "local_username", "remote_password" and "local_password" .. I'm not quite sure which of those are replaced by "username" and "password" Maybe "username" is "local_username" for clients connecting to my mosquitto and "remote_username" for the connection I make to the source of the messages? |
use appropriate file permissions on your config file? |
The problem is that we might want to version the configuration files of our system using Git. We might risk that the password leaves the server by the config file with the password in it being commited and pushed to Git. |
Hello,
I have a configuration where Mosquitto connects to RabbitMQ (source of messages) as a client and acts like a bridge, sending them to another system.
I don't want to have the password of the rabbitmq user stored in the mosquitto.conf, which mosquitto makes use of to connect to rabbitmq.
As far as I undestood the documentation, the password_file option is only for the other way round (clients making a connection to mosquitto).
Is it possible to store the password, mosquitto uses to connect to the RabbitMQ, in a keychain? Or is there even a more secure alternative? (Note that I need to use this with mosquitto running in docker)
The text was updated successfully, but these errors were encountered: