← Back to team overview

openstack team mailing list archive

Thread
Date

Potential security issue with CHAP

To: openstack@xxxxxxxxxxxxxxxxxxx
From: Avishay Traeger <AVISHAY@xxxxxxxxxx>
Date: Thu, 29 Nov 2012 10:50:40 +0200

Hi all,
Currently, CHAP secrets are managed by Cinder, and passed to Nova for use
when attaching volumes.  This means that unless the communication is
encrypted, or a separate trusted network is used, CHAP secrets can be
sniffed on the wire.
Opinions?

Thanks,
Avishay

Follow ups

Re: Potential security issue with CHAP
From: Russell Bryant, 2012-11-29