[Openstack-security] [Bug 1158328] Re: passwords in config files stored in plaintext
Matt Fischer
matt at mattfischer.com
Mon Feb 24 21:53:31 UTC 2014
I see this bug is old and Wishlisted so it may never get fixed, but I'd
like to add that plaintext passwords are generally a no-no when the
service account auth is managed by Corporate AD or LDAP. It may
complicate some deployments but it would be nice to have a solution to
this.
--
You received this bug notification because you are a member of OpenStack
Security Group, which is subscribed to OpenStack.
https://bugs.launchpad.net/bugs/1158328
Title:
passwords in config files stored in plaintext
Status in OpenStack Compute (Nova):
Confirmed
Bug description:
The credentials for database conenctions and the keystone authtoken
are stored in plaintext within the nova.conf and apipaste config
files.
These values should be encrypted. A scheme similar to /etc/shadow
would be great.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1158328/+subscriptions
More information about the Openstack-security
mailing list