Question
Can someone please give me an example for corporatePasswordStore that is mentioned here:
https://docs.corda.net/node-administration.html?fbclid=IwAR0gRwe5BtcWO0NymZVyE7_yMfthu2xxnU832vZHdbuv17S-wPXgb7iVZSs#id2
I've been doing a lot of research in the last few days on how to hide the plain passwords from node.conf; it's a new topic for me and this is what I came up with so far:
- Create a priv/pub key with gpg2.
- Create a password store with pass (using the key that I generated earlier).
- Store all the plain passwords from node.conf inside that password store.
- Replace the plain passwords in node.conf with environment variables (e.g. keyStorePassword = ${KEY_PASS}).
- Create a script file (e.g. start_node.sh) that will do the following:
  a. Set an environment variable to one of the passwords from the password store:
     export key_store_password=$(pass node.conf/keyStorePassword)
  b. Start the node:
     java -jar corda.jar
  c. Restart the gpg agent to clear the cached passwords, otherwise you can get any password from the store without passing the passphrase:
     gpgconf --reload gpg-agent
Pros:
- Using the bash file start_node.sh allows setting many passwords as environment variables at once (e.g. keyStore, trustStore, db passwords, RPC user password).
- Since we are running the bash file with bash start_node.sh and not source start_node.sh, the environment variable is not exposed to the parent process (i.e. you cannot read that environment variable value inside the terminal where you ran bash start_node.sh).
- History commands are not enabled by default inside bash scripts.
Cons:
- You no longer can have a service that automatically starts on VM startup, because the start_node.sh script will ask for the passphrase for your gpg key that was used to encrypt the passwords inside the password store (i.e. it's an interactive script).
Am I over-complicating this? Do you have an easier approach? Is it even necessary to hide the plain passwords?
I'm using Corda open source so I can't use the Configuration Obfuscator (which is for Enterprise only): https://docs.corda.r3.com/tools-config-obfuscator.html#configuration-obfuscator (edited)
Source: https://stackoverflow.com/questions/59618997/how-to-hide-sensitive-data-from-node-conf
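A start_node.sh that follows the steps outlined in the question, as an added example (it is not code from the question or from the Corda docs); the pass entry names under node.conf/, the PASS_CMD override and the CORDA_JAR variable are assumptions. It differs from the question's ordering in one respect: the gpg-agent cache is cleared as soon as the secrets are exported, before the node is launched, so the cached passphrase is not left usable for the node's whole lifetime.

```shell
#!/bin/sh
# start_node.sh (added example, not from the question): load node.conf secrets
# from a `pass` store into environment variables, clear the gpg-agent cache,
# then start the Corda node. Entry names under node.conf/ are assumed.
set -eu

# Command used to read the store; overridable so the script can be exercised
# against a stub instead of a real pass/gpg setup.
PASS_CMD="${PASS_CMD:-pass}"

# ENV_VAR=pass-entry pairs; node.conf references them as e.g. ${KEY_PASS}.
SECRETS="KEY_PASS=node.conf/keyStorePassword
TRUST_PASS=node.conf/trustStorePassword
DB_PASS=node.conf/dbPassword
RPC_PASS=node.conf/rpcUserPassword"

# Print the first line of one store entry (pass files may carry extra lines).
read_secret() {
    "$PASS_CMD" show "$1" | head -n 1
}

# Export every secret, failing before the node starts if any entry is missing
# or empty, rather than launching with a variable HOCON cannot resolve.
export_secrets() {
    for pair in $SECRETS; do
        var="${pair%%=*}"
        entry="${pair#*=}"
        value="$(read_secret "$entry")" || return 1
        if [ -z "$value" ]; then
            echo "start_node.sh: no value for $var ($entry)" >&2
            return 1
        fi
        export "$var=$value"
    done
}

# Once the secrets are in the environment the store is no longer needed, so the
# cached gpg passphrase is dropped before the node starts, not after it exits.
start_node() {
    export_secrets
    gpgconf --reload gpg-agent
    exec java -jar "${CORDA_JAR:-corda.jar}"
}

# Only act on an explicit subcommand (bash start_node.sh start); with no
# argument the file just defines the functions above.
case "${1:-}" in
    start) start_node ;;
esac
```

Run it as `bash start_node.sh start` (not `source`), so the exported passwords live only in the script's process and the java process it execs into.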