[Openstack] Setting VM passwords when not running on Xen
Day, Phil
philip.day at hp.com
Thu Jul 5 16:22:20 UTC 2012
> -----Original Message-----
> From: openstack-bounces+john.garbutt=eu.citrix.com at lists.launchpad.net
> [mailto:openstack-bounces+john.garbutt=eu.citrix.com at lists.launchpad.n
> et]
> On Behalf Of Thierry Carrez
> Sent: Wednesday, July 4, 2012 10:33 AM
> To: openstack at lists.launchpad.net
> Subject: Re: [Openstack] Setting VM passwords when not running on Xen
>
> Scott Moser wrote:
> > Is it for some reason not possible to have code that runs on first
> > instance boot that reads the metadata service (or config drive) and
> > sets the password appropriately?
>
> I see no reason why you could not. Windows scripting supported both
> running scripts at boot and setting user passwords last time I looked
> :)
>
>From a security perspective we want to keep the un-encrypted password (or an encrypted password and the means to decrypt it) out of Nova - hence generating it inside the VM and encrypting with the public key during boot seems stronger.
More information about the Openstack
mailing list