[Openstack-security] List of steps to perform to prepare or condition long term keys?
Clark, Robert Graham
robert.clark at hp.com
Fri Nov 1 19:05:13 UTC 2013
Credential rolling is important, it forms a pillar of many password
management programs and compliance targets. For the most part people will
take care of this using configuration management like Puppet or Chef, on
smaller scales I guess there are more options.
I¹m hoping that CloudKeep can be used in intelligent ways to fix peoples
here but that¹s some way off being production ready.
I think you¹re right to point this out, it could be addressed better in
the security guide.
Cheers
-Rob
On 25/10/2013 08:25, "Jeffrey Walton" <noloader at gmail.com> wrote:
>I was reading through the OpenStack Security Guide dated Oct 25 2013
>for Havana (http://docs.openstack.org/sec/). Good job on that, by the
>way.
>
>Does anyone have a list of steps to perform to prepare or condition
>long term keys? For example, SSH keys should be regenerated, Samba's
>secret should probably be recreated (if present), Ubuntu's Snake Oil
>key should probably be deleted (if present), etc.
>
>I'm interested in both the bare metal OS and VM instances. (VM
>instances are somewhat covered under Chapter 43).
>
>Thanks in advance.
>
>_______________________________________________
>Openstack-security mailing list
>Openstack-security at lists.openstack.org
>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
More information about the Openstack-security
mailing list