From: Remi Gacogne Date: Wed, 31 Mar 2021 07:07:16 +0000 (+0200) Subject: rec: Document that the webserver password and API key can be hashed X-Git-Tag: dnsdist-1.7.0-alpha1~12^2~30 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a7d3cdad76b8066b91b3c0d2549439ed3a42a8dd;p=thirdparty%2Fpdns.git rec: Document that the webserver password and API key can be hashed --- diff --git a/pdns/recursordist/docs/http-api/index.rst b/pdns/recursordist/docs/http-api/index.rst index e13b2ec21f..b7e3efad46 100644 --- a/pdns/recursordist/docs/http-api/index.rst +++ b/pdns/recursordist/docs/http-api/index.rst @@ -28,7 +28,7 @@ The following webserver related configuration items are available: * :ref:`setting-webserver`: If set to anything but 'no', a webserver is launched. * :ref:`setting-webserver-address`: Address to bind the webserver to. Defaults to 127.0.0.1, which implies that only the local computer is able to connect to the nameserver! To allow remote hosts to connect, change to 0.0.0.0 or the physical IP address of your nameserver. -* :ref:`setting-webserver-password`: If set, viewers will have to enter this plaintext password in order to gain access to the statistics. +* :ref:`setting-webserver-password`: If set, viewers will have to enter this password in order to gain access to the statistics. * :ref:`setting-webserver-port`: Port to bind the webserver to. * :ref:`setting-webserver-allow-from`: Netmasks that are allowed to connect to the webserver diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst index 75c7a15122..8fb965af73 100644 --- a/pdns/recursordist/docs/settings.rst +++ b/pdns/recursordist/docs/settings.rst @@ -95,11 +95,13 @@ Directory where the REST API stores its configuration and zones. ``api-key`` ----------- .. versionadded:: 4.0.0 +.. versionchanged:: 4.6.0 + This setting now accepts a hashed and salted version. - String - Default: unset -Static pre-shared authentication key for access to the REST API. +Static pre-shared authentication key for access to the REST API. Since 4.6.0 the key can be hashed and salted using ``rec_control hash-password APIKEY`` instead of being stored in the configuration in plaintext. .. _setting-api-readonly: @@ -2153,10 +2155,13 @@ The value between the hooks is a UUID that is generated for each request. This c ``webserver-password`` ---------------------- +.. versionchanged:: 4.6.0 + This setting now accepts a hashed and salted version. + - String - Default: unset -Password required to access the webserver. +Password required to access the webserver. Since 4.6.0 the password can be hashed and salted using ``rec_control hash-password PASS`` instead of being in plaintext. .. _setting-webserver-port: