cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ram Ganesh <Ram.Gan...@citrix.com>
Subject RE: Review Request: CLOUDSTACK-822 system.vm.password is not encrypted
Date Wed, 16 Jan 2013 19:29:31 GMT
Chiradeep,

I have filed a doc bug, CLOUDSTACK-991, to track this one.

> -----Original Message-----
> From: Chiradeep Vittal [mailto:Chiradeep.Vittal@citrix.com]
> Sent: 17 January 2013 00:11
> To: CloudStack DeveloperList; Chip Childers
> Cc: Kishan Kavala; Rajesh Battala; Chiradeep Vittal; Rohit Yadav
> Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not
> encrypted
> 
> This also needs to be documented. Can you raise a documentation issue?
> What about the upgrade from 4.0 case? Are we encrypting previously
> unencrypted passwords?
> 
> On 1/16/13 10:05 AM, "Saksham Srivastava"
> <saksham.srivastava@citrix.com>
> wrote:
> 
> >As Kishan pointed out on the review board , changing the category to
> >"Secure" will be a way out.
> >Secure configurations are listed whenever admin will execute
> >listConfiguration API , unlike Hidden configurations which do not get
> >listed.
> >If however the password is not encrypted, a management server restart
> >might fail whenever system.vm.random.password is set to true as CS
> will
> >try to decrypt system.vm.password .
> >
> >Thanks,
> >Saksham
> >
> >-----Original Message-----
> >From: Chip Childers [mailto:chip.childers@sungard.com]
> >Sent: Wednesday, January 16, 2013 8:23 PM
> >To: cloudstack-dev@incubator.apache.org
> >Cc: Saksham Srivastava; Kishan Kavala; Rajesh Battala; Chiradeep
> Vittal;
> >Rohit Yadav
> >Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not
> >encrypted
> >
> >Can we get an answer to Chiradeep's question below before this is
> >committed?
> >
> >On Thu, Jan 10, 2013 at 1:49 PM, Chiradeep Vittal
> ><Chiradeep.Vittal@citrix.com> wrote:
> >> The question around how the cloud admin can log in to the system vm
> >> without visibility into the actual password needs to be resolved.
> Can
> >> the UI display the unencrypted password whenever the console is
> viewed?
> >>
> >> On 1/10/13 4:40 AM, "Saksham Srivastava"
> >> <saksham.srivastava@citrix.com>
> >> wrote:
> >>
> >>>
> >>>-----------------------------------------------------------
> >>>This is an automatically generated e-mail. To reply, visit:
> >>>https://reviews.apache.org/r/8859/
> >>>-----------------------------------------------------------
> >>>
> >>>(Updated Jan. 10, 2013, 12:40 p.m.)
> >>>
> >>>
> >>>Review request for cloudstack and Kishan Kavala.
> >>>
> >>>
> >>>Changes
> >>>-------
> >>>
> >>>Changing the category to "Secure" instead of "Hidden" and Encrypting
> >>>the password.
> >>>
> >>>
> >>>Description
> >>>-------
> >>>
> >>>Parameter 'system.vm.password' is not encrypted. Need to encrypt it.
> >>>
> >>>
> >>>This addresses bug CLOUDSTACK-822.
> >>>
> >>>
> >>>Diffs (updated)
> >>>-----
> >>>
> >>>  server/src/com/cloud/server/ConfigurationServerImpl.java b25c63f
> >>>
> >>>Diff: https://reviews.apache.org/r/8859/diff/
> >>>
> >>>
> >>>Testing
> >>>-------
> >>>
> >>>Tested Locally.
> >>>
> >>>
> >>>Thanks,
> >>>
> >>>saksham srivastava
> >>>
> >>
> >>


Mime
View raw message