Mosquitto, one of the most widely used MQTT brokers, offers robust user authentication through username and password combinations. However, creating password files with the official terminal tool ‘mosquitto_passwd’ can be challenging. To address this, I have developed an online tool that simplifies the process and makes it more accessible and user-friendly.

Online tool

How it works

  1. A random 12-byte value is generated to serve as the salt.
  2. The password, the salt, and a specified number of iterations are passed to the PBKDF2 key derivation function, using SHA-512 as the digest algorithm.
  3. The resulting hash and the salt are each encoded in base64.
  4. The final entry has this format:
    <username>:$7$<integer number of iterations>$<base64 encoded salt>$<base64 encoded password hash>
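The four steps above, together with the reverse check, as an added example that is not the tool's own code: it uses Node.js's built-in crypto module in place of CryptoJS. The function names and the sample username, password and iteration count are assumptions chosen for illustration.

```javascript
// Added example, not the tool's source: Node.js built-in crypto stands in for CryptoJS.
const nodeCrypto = require('crypto');

const SALT_LEN = 12; // step 1: 12-byte random salt
const HASH_LEN = 64; // SHA-512 digest size in bytes

// Steps 1-4: build one password-file line for `username`.
function makeEntry(username, password, iterations, salt = nodeCrypto.randomBytes(SALT_LEN)) {
  // ':' separates the username from the hash field, so it cannot appear in the name.
  if (!username || /[:\r\n]/.test(username)) throw new Error('invalid username');
  if (!Number.isInteger(iterations) || iterations < 1) throw new Error('invalid iterations');
  // Step 2: the raw salt bytes (not their base64 text) go into PBKDF2-HMAC-SHA512.
  const hash = nodeCrypto.pbkdf2Sync(password, salt, iterations, HASH_LEN, 'sha512');
  // Steps 3-4: base64-encode both values and join them in the $7$ layout.
  return `${username}:$7$${iterations}$${salt.toString('base64')}$${hash.toString('base64')}`;
}

// Split a line back into its fields, rejecting anything that is not a $7$ entry.
function parseEntry(line) {
  const sep = line.indexOf(':');
  if (sep < 1) throw new Error('missing username');
  const fields = line.slice(sep + 1).trim().split('$'); // ['', '7', iterations, salt, hash]
  if (fields.length !== 5 || fields[0] !== '' || fields[1] !== '7') {
    throw new Error('not a $7$ entry');
  }
  if (!/^[1-9]\d*$/.test(fields[2])) throw new Error('invalid iterations');
  return {
    username: line.slice(0, sep),
    iterations: Number(fields[2]),
    salt: Buffer.from(fields[3], 'base64'),
    hash: Buffer.from(fields[4], 'base64'),
  };
}

// Recompute the hash from the stored salt and iteration count, then compare in constant time.
function verifyEntry(line, password) {
  const { iterations, salt, hash } = parseEntry(line);
  if (hash.length !== HASH_LEN) return false; // timingSafeEqual needs equal lengths
  const candidate = nodeCrypto.pbkdf2Sync(password, salt, iterations, HASH_LEN, 'sha512');
  return nodeCrypto.timingSafeEqual(candidate, hash);
}

// Constructed sample values; 100 iterations mirrors the page's password.txt example.
const sample = makeEntry('user', 'password', 100);
console.log(sample, verifyEntry(sample, 'password'), verifyEntry(sample, 'wrong'));
```

Because the salt is random, two entries for the same password differ, which is why verification has to read the salt and iteration count back out of the stored line.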

For your knowledge

PBKDF2 is a password-based key derivation function. In many applications of cryptography, user security is ultimately dependent on a password, and because a password usually can’t be used directly as a cryptographic key, some processing is required.

A salt provides a large set of keys for any given password, and an iteration count increases the cost of producing keys from a password, thereby also increasing the difficulty of attack.

This tool uses the CryptoJS JavaScript library.

Test this tool with docker-compose

File structure

├── docker-compose.yml
├── mosquitto.conf
└── password.txt

Docker compose

docker-compose
version: "3"

services:
  mosquitto:
    image: eclipse-mosquitto:2
    container_name: mosquitto
    ports:
      - 1883:1883
      - 9001:9001
    volumes:
      - ./mosquitto.conf:/mosquitto/config/mosquitto.conf:ro
      - ./password.txt:/mosquitto/config/password.txt

Mosquitto config

mosquitto.conf
listener 1883
listener 9001

protocol websockets

allow_anonymous false
password_file /mosquitto/config/password.txt

Replace the content of the following file with the string generated by this tool. Example for username "user" and password "password":

password.txt
user:$7$100$dB80fMhOgmi8aFS3$vASAqjpSxCpPCuUiYnBUfhiw/OVcsJN+vouHcbRpg3GspOQM50PYzaw9VZHUCpiwYNOymsyPULCThrh7BiW0dw==