Im trying to configure Xampp as I have done before and everything use to work.
Now, I am a bit concerned because even though I have set a password for my PhpMyadmin(exactly as I have done in the past), the system doesn't ask me to log in at anytime. What has changed?
Before I had to log in with username "root" and password and now it doesn't ask for it?
With phpMyAdmin, there are different means of authenticating ("auth_types"). These are generally set in the configuration file, config.inc.php, using a line like $cfg['Servers'][$i]['auth_type'] = 'cookie';.
Using cookie or http prompt the user for username and password when connecting; config means it's hardcoded in to the configuration file and you're automatically connected. The default in the official phpMyAdmin distribution is cookie, however it sounds like XAMPP makes it config. You should be able to change that simply by editing the config.inc.php file and changing (or adding) the line mentioned above..
Related
This is why I had to face this two-factor issue: the GitHub announcement
I've seen many links regarding this problem but, because info is scattered, I decided to make a summary with steps that worked for me.
First of all, here is the best link I've found on how to set the two-factor security in github.com
Here is what I set for my token (If you select less rights than required, the access fails too, no matter the token is ok)
The key here is to use the new token INSTEAD of your user password. But because I'm just fetching all changes from my github.com repos, I've saved the credentials on local. I must admit this is NOT recommendable because security (in Linux, this is set in plain text, that is a very bad practice), but here we goes ...
Here is the link about how to set git credentials on local
Now, here is where you must set your credentials: file is ~/.git-credentials
yyyyyy#xxxxxx:~$ cat .git-credentials
https://put-your-github-user-here:put-yout-token-here#github.com
Another example on what to do in this file
Here is a link about the format for this file
After setting all this stuff, try to check the repo status or fetch any changes to local.
We are going to change cassandra setting from authenticator: AllowAllAuthentication to authenticator: PasswordAuthenticator
to enable role-based authentication. There will be two roles:
admin which is a superuser
read-only which is only allowed to read.
I would like to provide backward compatibility for users of the cassandra cluster. More specifically,
many users use
shell script that uses cqlsh
python cassandra package
php cassandra package
to only read data from cassandra. Currently they don't specify any username or password. Therefore
I would like to make read-only role some sort of a "default" role, i.e. if no username and password provided,
then the role is automatically set to read-only so the users can read data and thus clients don't need to change their code.
Is there a way to do this? I'm currently having trouble in the following two parts:
the default user is cassandra if there is no role / user specified in cqlsh. I did not find a way to set default user / role.
and for the default user cassandra, I still have to set a password for it.
Any suggestions would be appreciated! Thanks in advance.
I come from an oracle background, were I've done "sqlplus "/as sysdba"" for years. I like it because the O/S authenticates me. Now, there is something similar in Cassandra, but it isn't secure. Basically in your home directory there is a subdirectory called ".cassandra" (hidden). In that directory there is a file (if there isn't, create one) called "cqlshrc" (so ~/.cassandra/cqlshrc). That file you can add authentication information that will allow someone to log in by simply typing "cqlsh" without anything else (unless you're doing remote where you need "host" and "port"). The cqlshrc file has, among other things an authentication section that looks like this:
[authentication]
username = <your_user_name>
password = <your_password>
So you could simply put your desired username and password in that file and you're essentially able to connect without supplying your username and password (You could also run "cqlsh -u your_user_name" and it will find your password in your cqlshrc file as well).
You can see a few obvious issues here:
1) The password is in clear text
2) If you change the password you need to change the password in the cqlshrc file
I do not recommend you use the "cassandra" user for ANYTHING. In fact, I'd drop it. The reason is because the cassandra user does everything with CL=quorum. We found this out when investigating huge I/O requests coming from OpsCenter and our backup tool (as you can see, we use DSE). They were all using cassandra and pounding on the node(s) that had the cassandra authentication information. It's baked into the code apparently to have CL=quorum - kinda dumb. Anyway, the above is one way to have users log in with a specific user and not provide credentials making it pretty easy to switch.
Hope that helps
-Jim
With mongoose.connect('mongodb://username:password#host:port/database?options...');, which I use in a script, I don't suppose there is any real way to hide the password?
Should I even be concerned if the Mongodb is only listening on 127.0.0.1? If my server can get exploited then the can just cat that script to get the password.
You can put the password in a environment variable when launching node, or read it from a file not checked into source control. If mongodb is only listening on localhost, an attacker would not be able to connect directly to the database from a remote machine. It would still be advisable to configure your firewall to block remote access, just in case some configuration change opens mongodb up publicly.
Here may be one related topic Store db password as plain text in node.js
Solution 1:
Use an environment variable.
Run your app with MONGO_PASSWORD=yourpasswd node app
Then you can access it inside the app with process.env.MONGO_PASSWORD
Solution 2:
Make a module (I call it "secrets") that exports all of your secret credentials. Don't check it into source control. Then, your app can just require('secrets').
Solution 3:
Trousseau is an encrypted key-value store designed to be a simple, safe and trustworthy place for your data.
All the answers above are good suggestions, but they still leave the password visible on the host in a easy to figure out location...rather in shell env variable or a file.
What I decided to do is upon every server boot up, make a job that creates a file for the mongoose script to be read that has the password. Then, have a cron job that deletes the file after 5 minutes after boot up. That password still exists on the system, but it would be much harder to trace where.
You will create a .env file on your node file.Then you put your User name and Password just like this DB_USER=Your Username and DB_PASS=Your password.
Then you will insert it to your index.js file by enter image description here
I am installing phpMyAdmin on a CentOs server and I have installed it successfully, from what I can tell. I can at least travel to the index page where it asks for my username and password. When I try to log in with any combination of default usernames and passwords, I receive this error #2003 Cannot log in to the MySQL server.
I followed this guide (http://www.krizna.com/centos/how-install-phpmyadmin-centos-6/) to help me install phpMyAdmin. From researching this, I am under the impression that after you log in with the default username:root and password:null, you will be able to change the username and password. I tried changing the config.inc.php value AllowNoPassword to TRUE, but that also didn't seem to help. How do I set a username and password so I can successfully log into phpMyAdmin?
I figured out the issue. Only some of the required software was installed on the server when I was assigned to the project. After installing mysql-server, I was able to change the root password for mysql. I changed the config file for phpmyadmin to receive the log in data through html not cookies or config. Everything works great now, I hope this helps at least one other individual.
I'm trying to edit some files on a remote server with Vim. I've managed this on other servers without trouble in the past, but in this case when I type:
$ vim ftp://username#xxxxxx.com/
I'm prompted for a password, I type it in and I see this:
Name (notixvalet.com:george): User cannot log in.
Please login with USER and PASS.
Please login with USER and PASS.
Please login with USER and PASS.
ftp: Login failed
'george' is my username on my local machine (Mac OS X 10.8.) Vim seems to be ignoring the username I give it and trying to log on as 'george', no matter what I do. To test this I created a new account on my MacBook with the same username as the username on the server I'm trying to log in as, then from that account I can log in fine. This is obviously a VERY hacky solution - how can I connect using the right username from my regular account?
(Incidentally, the username and password I'm using are 100% definitely right - I can use them to connect to the server through an FTP client such as FileZilla.)
The plugin you are using to edit the remote files is netrw, as noted by Ingo in the comments. You can read the plugin help file through :h netrw. In special:
NETRC *netrw-netrc*
The <.netrc> file, typically located in your home directory, contains lines
therein which map a hostname (machine name) to the user id and password you
prefer to use with it.
The typical syntax for lines in a <.netrc> file is given as shown below.
Ftp under Unix usually supports <.netrc>; ftp under Windows usually doesn't.
>
machine {full machine name} login {user-id} password "{password}"
default login {user-id} password "{password}"
Your ftp client must handle the use of <.netrc> on its own, but if the
<.netrc> file exists, an ftp transfer will not ask for the user-id or
password.
Note:
Since this file contains passwords, make very sure nobody else can
read this file! Most programs will refuse to use a .netrc that is
readable for others. Don't forget that the system administrator can
still read the file! Ie. for Linux/Unix: chmod 600 .netrc
Is there any chance that you forgot to copy the ~/.netrc file from the other servers where you can connect without problems? Or it has incorrect permissions, as mentioned on the last paragraph?