phpMyAdmin – Blowfish error?


You might be having a file config.sample.inc.php under phpMyAdmin installation directory. First of all, this must be renamed to config.inc.php. Then open the file and you will see a line having empty blowfish_secret.
Blowfish is an algorithm used by phpMyAdmin for a secure connection (cookie based authentication).

# vi config.inc.php
$cfg['blowfish_secret'] = '';
$cfg['blowfish_secret'] = '1234vghyuik567scd56hbnmkiy56f3h';

Above secret needs to be 32 char long. Just put a secret and you will be all set!

if you use a shorter key (less than 32 chars), it will work but you will get a warning message.

Any restart of apache or anything else like installing module etc is NOT required.

If you see below code you can see how blowfish_secret is used:

if (! empty($_SESSION['encryption_key'])) {
    if (empty($GLOBALS['cfg']['blowfish_secret'])) {
        trigger_error(
            __(
                'The configuration file now needs a secret passphrase (blowfish_secret).'
            ),
            E_USER_WARNING
        );
    } elseif (strlen($GLOBALS['cfg']['blowfish_secret']) < 32) {
        trigger_error(
            __(
                'The secret passphrase in configuration (blowfish_secret) is too short.'
            ),
            E_USER_WARNING
        );
    }
}

 

+ There are no comments

Add yours