Multiple users on running multichain-cli on Linux box...

+3 votes
Hi

I'm new to multichain and I looked-up Q&A before posting the following question.

I have two servers. Server1 is the main node running the multichaind that launched the chain1, as daemon. On the Server2 I created two linux users (user1 and user2). Following the "getting started guide", I gave connect, send and receive permission to user1. I can launch multichain-cli user user1 and list addresses.

I followed exact same steps for user2 on Server2. I gave connect, send and receive permission. When I run multichain-cli, I get "error: incorrect rpcuser or rpcpassword (authorization failed)"

I added rpcserver and rpcport (of server1) and still no luck. I get "error: no response from server"

What am I missing? Thanks for your help.

SP
asked Jan 27, 2019 by spregpal

2 Answers

0 votes

I think you may be confusing two things – blockchain addresses and their permissions, versus blockchain nodes and their API credentials. You can have multiple addresses on one node, and you can have multiple nodes sharing addresses. But this has no relationship to the access to each node's API, which is used by multichain-cli.

But each node run in its own blockchain directory (see the datadir runtime parameter) and has its own passwords for connecting to its API, as set in the multichain.conf file.

The top of this page should provide you with some more guidance:

https://www.multichain.com/developers/json-rpc-api/

answered Jan 28, 2019 by MultiChain
So if multiple clients want to connect to a single node, all the clients need to use same creds? Especially if these are RPC clients.
Yes, this is how it currently works. We'll be adding more functionality in this area in future.
Thank you for the confirmation.
+1 vote
Yes, if they have to connect to the single node then the credentials of that node is required to make connection.
answered Jan 30, 2019 by gimmick
Is there a feature coming to externalize the authentication. To be exact, how can the RPC calls be protected in such a way that password is not read from a file (multichain.conf)? Also how can we have one cred per client? I was under the impression that when a user connects to a chain, the user would use his/her key to authenticate and perform transactions. However it looks like we need to delegate that to a RPC-client(s) that uses single username/password
There is extensive support for external private keys as described here:
https://www.multichain.com/developers/external-key-management/

As for multiple API users each with their own credentials, this is a feature scheduled for the Enterprise edition of MultiChain.
...