← Back to team overview

openstack team mailing list archive

Re: OS API server password generation

 

I think we need the option _not_ to inject a password (e.g. if I'm on Linux
and am going to use SSH private keys, or if I have another higher-security
means of accessing my server)  Does the API support this (yet)?

Also, I know security through obscurity isn't really security, but if we're
open source, I think we must have "strong" password generation, whatever may
or may not have been the case in the past.  I suggest beefing up the
generate_password function to make use of os.urandom (which I know isn't
perfect either, but is probably secure enough for anyone willing to rely on
a password)

Justin




On Wed, Mar 2, 2011 at 4:52 PM, Ed Leafe <ed@xxxxxxxxx> wrote:

> On Mar 2, 2011, at 4:11 PM, Dan Prince wrote:
>
> > We created a blueprint on adding support for password generation when
> creating servers. This is needed for Openstack API/Cloud Servers API v1.0
> parity.
> >
> > We are anxious to get this work started so if you are interested please
> review the following:
> >
> >
> https://blueprints.launchpad.net/nova/+spec/openstack-api-server-passwords
> >
> > http://etherpad.openstack.org/openstack-api-server-passwords
>
>         There is a basic password generator in nova/utils.py. It returns a
> combination of digits and letters to whatever length you request. There is
> no pretension of being the last word in high security, but it should be
> equivalent to the current default password generation in Cloud Servers.
>
>
>
> -- Ed Leafe
>
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>

Follow ups

References