diff --git a/contrib/debian/examples/bitcoin.conf b/contrib/debian/examples/bitcoin.conf index 2831c07292..afbc7882e0 100644 --- a/contrib/debian/examples/bitcoin.conf +++ b/contrib/debian/examples/bitcoin.conf @@ -67,9 +67,30 @@ # This option can be specified multiple times (default: bind to all interfaces) #rpcbind= -# You must set rpcuser and rpcpassword to secure the JSON-RPC api +# If no rpcpassword is set, rpc cookie auth is sought. The default `-rpccookiefile` name +# is .cookie and found in the `-datadir` being used for bitcoind. This option is typically used +# when the server and client are run as the same user. +# +# If not, you must set rpcuser and rpcpassword to secure the JSON-RPC api. The first +# method(DEPRECATED) is to set this pair for the server and client: #rpcuser=Ulysseys #rpcpassword=YourSuperGreatPasswordNumber_DO_NOT_USE_THIS_OR_YOU_WILL_GET_ROBBED_385593 +# +# The second method `rpcauth` can be added to server startup argument. It is set at intialization time +# using the output from the script in share/rpcuser/rpcuser.py after providing a username: +# +# ./share/rpcuser/rpcuser.py alice +# String to be appended to bitcoin.conf: +# rpcauth=alice:f7efda5c189b999524f151318c0c86$d5b51b3beffbc02b724e5d095828e0bc8b2456e9ac8757ae3211a5d9b16a22ae +# Your password: +# DONT_USE_THIS_YOU_WILL_GET_ROBBED_8ak1gI25KFTvjovL3gAM967mies3E= +# +# On client-side, you add the normal user/password pair to send commands: +#rpcuser=alice +#rpcpassword=DONT_USE_THIS_YOU_WILL_GET_ROBBED_8ak1gI25KFTvjovL3gAM967mies3E= +# +# You can even add multiple entries of these to the server conf file, and client can use any of them: +# rpcauth=bob:b2dd077cb54591a2f3139e69a897ac$4e71f08d48b4347cf8eff3815c0e25ae2e9a4340474079f55705f40574f4ec99 # How many seconds bitcoin will wait for a complete RPC HTTP request. # after the HTTP connection is established. diff --git a/src/init.cpp b/src/init.cpp index e642729a99..659b83e474 100644 --- a/src/init.cpp +++ b/src/init.cpp @@ -484,7 +484,7 @@ std::string HelpMessage(HelpMessageMode mode) strUsage += HelpMessageOpt("-rpccookiefile=", _("Location of the auth cookie (default: data dir)")); strUsage += HelpMessageOpt("-rpcuser=", _("Username for JSON-RPC connections")); strUsage += HelpMessageOpt("-rpcpassword=", _("Password for JSON-RPC connections")); - strUsage += HelpMessageOpt("-rpcauth=", _("Username and hashed password for JSON-RPC connections. The field comes in the format: :$. A canonical python script is included in share/rpcuser. This option can be specified multiple times")); + strUsage += HelpMessageOpt("-rpcauth=", _("Username and hashed password for JSON-RPC connections. The field comes in the format: :$. A canonical python script is included in share/rpcuser. The client then connects normally using the rpcuser=/rpcpassword= pair of arguments. This option can be specified multiple times")); strUsage += HelpMessageOpt("-rpcport=", strprintf(_("Listen for JSON-RPC connections on (default: %u or testnet: %u)"), BaseParams(CBaseChainParams::MAIN).RPCPort(), BaseParams(CBaseChainParams::TESTNET).RPCPort())); strUsage += HelpMessageOpt("-rpcallowip=", _("Allow JSON-RPC connections from specified source. Valid for are a single IP (e.g. 1.2.3.4), a network/netmask (e.g. 1.2.3.4/255.255.255.0) or a network/CIDR (e.g. 1.2.3.4/24). This option can be specified multiple times")); strUsage += HelpMessageOpt("-rpcthreads=", strprintf(_("Set the number of threads to service RPC calls (default: %d)"), DEFAULT_HTTP_THREADS));