cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Luc Dion <pdion...@apache.org>
Subject Re: [DISCUSS] VR Password server improvement and expiring
Date Wed, 11 Mar 2015 13:55:24 GMT
When the password is taken and acknowledge from the VR it should be
destroyed immediately from the VR and as it is currently, I think. Are you
planning to implement SSL capability as well since it as been brought on
the ML recently ?

On Wed, Mar 11, 2015 at 9:39 AM, Nux! <nux@li.nux.ro> wrote:

> Hi Wido,
>
>
> >> If a guest has confirmed the password was retrieved delete it
> >> straight away. I am not sure this is what you asked. :)
> >>
> >
> > How would the guest confirm? Merely retrieving it doesn't guarantee
> > that the client was able to set it.
> >
> > I'd say keep if for 15 minutes, so that the guest can try a couple of
> > times before we expire the password.
>
> Nothing against keeping the password around for a few more minutes or
> hours.
>
> Looking at this password script[1] for example, it looks like the guest
> can confirm that password was successfully retrieved and set like this:
>
> wget -t 3 -T 20 -O - --header "DomU_Request: saved_password"
> $PASSWORD_SERVER_IP:8080
>
>
> [1] -
> https://raw.githubusercontent.com/shankerbalan/cloudstack-scripts/master/archlinux/cloudstack-set-guest-password
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message