[Openstack] Handling of adminPass is arguably broken (essex)
Lars Kellogg-Stedman
lars at seas.harvard.edu
Thu Nov 1 02:04:54 UTC 2012
On Wed, Oct 31, 2012 at 06:17:29PM -0700, Joshua Harlow wrote:
> Just fyi, the cloud-init format 'spec' has something similar that bypasses
> the file injection (which is a bad/insecure/incompatible concept that
> needs to be gotten rid of imho) by having the following syntax it
> understands:
>
> http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc
> /examples/cloud-config-user-groups.txt
The cloud-init stuff works via the user-data attribute available from
the metadata server. This makes it unsuitable for security
credentials, since *anyone* on the instance can query the metadata
server.
Injection via files on a configuration disk seems to me the best way
to handle security credentials like this, because disks in many cases
require privileges to mount on a system and the configuration script
can delete the credentials file after processing it.
> Is there anyway a windows version of cloud-init could be done, either
> ported, or patched, or a service like cloud-init could be added to windows
> images (using a startup program in the windows image that could just be a
> call-out to a python interpreter or something different...).
As I said, this is pretty much what we're doing to provision an ssh
key for administrator access to our windows host.
--
Lars Kellogg-Stedman <lars at seas.harvard.edu> |
Senior Technologist | http://ac.seas.harvard.edu/
Academic Computing | http://code.seas.harvard.edu/
Harvard School of Engineering |
and Applied Sciences |
More information about the Openstack
mailing list