← Back to team overview

openstack team mailing list archive

Potential security issue with CHAP

 

Hi all,
Currently, CHAP secrets are managed by Cinder, and passed to Nova for use
when attaching volumes.  This means that unless the communication is
encrypted, or a separate trusted network is used, CHAP secrets can be
sniffed on the wire.
Opinions?

Thanks,
Avishay



Follow ups