检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
SSL_ENABLE ALL true Whether to encrypt the channel between the client and server using SSL true: SSL encryption is enabled. false: SSL encryption is disabled. NOTICE: For clusters with Kerberos authentication enabled (security mode), SSL encryption is enabled by default.
NOTE: Run the following command to encrypt the password as the user who installs the client. When the encryption tool runs for the first time, a random dynamic key is automatically generated and stored in .loader-tools.key.
NOTE: Run the following command to encrypt the password as the user who installs the client. When the encryption tool runs for the first time, a random dynamic key is automatically generated and stored in .loader-tools.key.
Encrypt and store them in configuration files or environment variables and decrypt them when needed. // The password is stored in environment variables for identity authentication. Before running this example, set the environment variable HETUENGINE_PASSWORD.
Applications need only to encrypt specified sensitive data. Services are not affected during the encryption process. Based on file system data encryption, Hive provides table-level encryption and HBase provides column family-level encryption.
Encrypt and store them in configuration files or environment variables and decrypt them when needed. // The password is stored in environment variables for identity authentication. Before running this example, set the environment variable HETUENGINE_PASSWORD.
The default value is 3des, indicating that 3DES algorithm is used to encrypt data. The value can also be set to rc4.
This key is used to encrypt and decrypt the newly stored data. The old key is not deleted, and it is used to decrypt data encrypted using the old key.
The value cannot contain special characters such as ;|&><'$ CAUTION: When entering a parameter containing sensitive information (for example, login password), you can add an at sign (@) before the parameter name to encrypt the parameter value.
Using the RangerKMS Native UI to Manage Permissions and Keys Scenario After KMS is installed, you need to create a user on FusionInsight Manager and associate the user with the KeyAdmin role to grant it the permission to manage keys and encrypt HDFS partitions.
The value is true. hive.server2.thrift.sasl.qop: whether to encrypt the interaction between HiveServer2 and the client. The value is auth-conf. hive.server2.authentication: security authentication for accessing HiveServer.
Data Disk Key Name: Select the name of the key used to encrypt the data disk. By default, the default master key named evs/default is selected. You can select another master key from the drop-down list.
For example, if the Loader client installation directory is /opt/hadoopclient/Loader, run the following command: cd /opt/hadoopclient/Loader/loader-tools-1.99.3 Run the following command to encrypt the non-encrypted password: .
For example, if the Loader client installation directory is /opt/hadoopclient/Loader, run the following command: cd /opt/hadoopclient/Loader/loader-tools-1.99.3 Run the following command to encrypt the non-encrypted password.
For example, if the Loader client installation directory is /opt/hadoopclient/Loader, run the following command: cd /opt/hadoopclient/Loader/loader-tools-1.99.3 Run the following command to encrypt the non-encrypted password.
For example, if the Loader client installation directory is /opt/hadoopclient/Loader, run the following command: cd /opt/hadoopclient/Loader/loader-tools-1.99.3 Run the following command to encrypt the non-encrypted password.
For example, if the Loader client installation directory is /opt/hadoopclient/Loader, run the following command: cd /opt/hadoopclient/Loader/loader-tools-1.99.3 Run the following command to encrypt the non-encrypted password.
Table 1 Description Parameter Description Default Value Optimization Suggestion SSL_ENABLE Whether to encrypt the channel between the client and server using SSL true true indicates that SSL encryption is enabled, and false indicates that SSL encryption is disabled.
For example, if the Loader client installation directory is /opt/hadoopclient/Loader, run the following command: cd /opt/hadoopclient/Loader/loader-tools-1.99.3 Run the following command to encrypt the non-encrypted password: .
For example, if the Loader client installation directory is /opt/hadoopclient/Loader, run the following command: cd /opt/hadoopclient/Loader/loader-tools-1.99.3 Run the following command to encrypt the non-encrypted password: .
