[IPython-dev] Heads-up: no more plaintext passwords in the notebook

Fernando Perez fperez.net@gmail....
Fri Nov 18 22:23:00 CST 2011


Hi all,

for those of you running a publicly-facing notebook server with a
password, we've just merged this:

https://github.com/ipython/ipython/pull/1011

Once you pull from master, you'll need to update the password in the
config file, as plaintext passwords are simply not supported anymore.
You can create the salted password in a python session with:

from IPython.lib import passwd
passwd('mypassphrase')

Do NOT do this in an ipython session, as it will log the plaintext to
your history!!!

You can call passwd() without without arguments and it will prompt you
for a password using the getpass module so it's not echoed back onto
your screen.  This will ensure that the plaintext password is never
visible nor logged.

In ipython:

In [1]: from IPython.lib.security import passwd; passwd()
Enter password:
Verify password:
Out[1]: 'sha1:e0209ae16e4e:b9a5d128ff961159b3bd66f7314d33305d60b5b0'

or from the shell:

longs[graphs]> python -c "from IPython.lib import passwd;print passwd()"
Enter password:
Verify password:
sha1:3d4903d15c38:1f68a38d107ee14f6196de9c0ca8f8110662c9d3

You can then replace your current plaintext passwords with this whole string.

Cheers,

f


More information about the IPython-dev mailing list