Cookie based mostly authentication is used when no rpc password is supplied. The 0.12 launch of Bitcoin Core had the next to say about it:
When no -rpcpassword is specified, the daemon now makes use of a particular
‘cookie’ file for authentication. This file is generated with random
content material when the daemon begins, and deleted when it exits. Its
contents are used as authentication token. Learn entry to this file
controls who can entry via RPC. By default it’s saved within the
information listing however its location could be overridden with the choice
-rpccookiefile.That is just like Tor’s CookieAuthentication: see
https://www.torproject.org/docs/tor-manual.html.enThis permits working bitcoind with out having to do any guide
configuration.
If all you utilize is bitcoin-cli with out want for the RPC consumer/password stuff, you must most likely simply remark out or take away rpcuser=XXX and rpcpassword=YYY from bitcoin.conf and restart bitcoin. It “ought to simply work [tm]”.
In the event you want a specified rpc consumer/move combo, you should swap to utilizing rpcauth as a substitute of rpcuser/rpcpassword.
The rpcauth is described as
Username and hashed password for JSON-RPC connections. The sphere comes within the format:
<USERNAME>:<SALT>$<HASH>. A canonical python script is included in share/rpcuser. This selection could be specified a number of occasions
In share/rpcuser (on github) there’s a Python script which helps you to create such a consumer/password combo (word that you’re given the password, you don’t get to specify it your self).
Seize that python script, then run it. E.g.
$ python ./rpcuser.py foo
String to be appended to bitcoin.conf:
rpcauth=foo:a14191e6892facf70686a397b126423$ddd6f7480817bd6f8083a2e07e24b93c4d74e667f3a001df26c5dd0ef5eafd0d
Your password:
VX3z87LBVc_X7NBLABLABLABLA
Then exchange rpcuser with foo and rpcpassword with VX3z87LBVc_X7NBLABLABLABLA wherever you’re connecting to the bitcoind RPC.