[Openstack] Keyring support in openstack

Doug Hellmann doug.hellmann at dreamhost.com
Mon Jul 30 22:00:25 UTC 2012


On Mon, Jul 30, 2012 at 5:30 PM, Adam Young <ayoung at redhat.com> wrote:

> On 07/30/2012 05:17 PM, Kevin L. Mitchell wrote:
>
>> On Mon, 2012-07-30 at 13:50 -0700, Bhuvaneswaran A wrote:
>>
>>> The wiki mentions the password being saved using
>>>> keyring.backend.**UncryptedFileKeyring. Does that mean the password is
>>>>
>>> saved
>>>
>>>> in cleartext? Is the file protected in some way besides filesystem
>>>> permissions?
>>>>
>>> As mentioned in wiki page, the password is stored in base64 format.
>>>
>> Which means it's stored in cleartext.  That is Not Good(tm) :)
>>
> Can Keyring be used to store a token instead?  That would A)  be better
> than password and B)  avoid a Keystone hit.


Don't tokens expire?

Doug
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120730/b8d6b4f0/attachment.html>


More information about the Openstack mailing list