Knowledge Base

How do I authenticate with cypher-shell without specifying the username and password on the command line

When using $NEO4J_HOME/bin/cypher-shell at the command line and authentication is enabled via the setting $NEO4J_HOME/conf/neo4j.conf:

# Whether requests to Neo4j are authenticated.
# To disable authentication, uncomment this line
dbms.security.auth_enabled=true

a username and password can be provided on the command line using the parameters -u <username> -p <password>. However, one can also define environment variables NEO4J_USERNAME and NEO4J_PASSWORD, for example:

export NEO4J_USERNAME='neo4j'
export NEO4J_PASSWORD='password'

Once the environment variables are defined one can now run $NEO4J_HOME/bin/cypher-shell and not specify the -u and -p on the command line. This has the added benefit that when running the linux 'history' command, which shows the last N command line invocations, the username and password will not be exposed.

Further if using linux, the export commands above could be placed in the user’s home directory in their .bashrc file (for example /home/neo4j/.bashrc) and for which the .bashrc is invoked upon initial login.

If using Windows, environment variables can be defined via Control Panel → System, Advanced tab, [Environment Variables] as pictured below:

image