Chiradeep, I have filed a doc bug, CLOUDSTACK-991, to track this one.
> -----Original Message----- > From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com] > Sent: 17 January 2013 00:11 > To: CloudStack DeveloperList; Chip Childers > Cc: Kishan Kavala; Rajesh Battala; Chiradeep Vittal; Rohit Yadav > Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not > encrypted > > This also needs to be documented. Can you raise a documentation issue? > What about the upgrade from 4.0 case? Are we encrypting previously > unencrypted passwords? > > On 1/16/13 10:05 AM, "Saksham Srivastava" > <saksham.srivast...@citrix.com> > wrote: > > >As Kishan pointed out on the review board , changing the category to > >"Secure" will be a way out. > >Secure configurations are listed whenever admin will execute > >listConfiguration API , unlike Hidden configurations which do not get > >listed. > >If however the password is not encrypted, a management server restart > >might fail whenever system.vm.random.password is set to true as CS > will > >try to decrypt system.vm.password . > > > >Thanks, > >Saksham > > > >-----Original Message----- > >From: Chip Childers [mailto:chip.child...@sungard.com] > >Sent: Wednesday, January 16, 2013 8:23 PM > >To: cloudstack-dev@incubator.apache.org > >Cc: Saksham Srivastava; Kishan Kavala; Rajesh Battala; Chiradeep > Vittal; > >Rohit Yadav > >Subject: Re: Review Request: CLOUDSTACK-822 system.vm.password is not > >encrypted > > > >Can we get an answer to Chiradeep's question below before this is > >committed? > > > >On Thu, Jan 10, 2013 at 1:49 PM, Chiradeep Vittal > ><chiradeep.vit...@citrix.com> wrote: > >> The question around how the cloud admin can log in to the system vm > >> without visibility into the actual password needs to be resolved. > Can > >> the UI display the unencrypted password whenever the console is > viewed? > >> > >> On 1/10/13 4:40 AM, "Saksham Srivastava" > >> <saksham.srivast...@citrix.com> > >> wrote: > >> > >>> > >>>----------------------------------------------------------- > >>>This is an automatically generated e-mail. To reply, visit: > >>>https://reviews.apache.org/r/8859/ > >>>----------------------------------------------------------- > >>> > >>>(Updated Jan. 10, 2013, 12:40 p.m.) > >>> > >>> > >>>Review request for cloudstack and Kishan Kavala. > >>> > >>> > >>>Changes > >>>------- > >>> > >>>Changing the category to "Secure" instead of "Hidden" and Encrypting > >>>the password. > >>> > >>> > >>>Description > >>>------- > >>> > >>>Parameter 'system.vm.password' is not encrypted. Need to encrypt it. > >>> > >>> > >>>This addresses bug CLOUDSTACK-822. > >>> > >>> > >>>Diffs (updated) > >>>----- > >>> > >>> server/src/com/cloud/server/ConfigurationServerImpl.java b25c63f > >>> > >>>Diff: https://reviews.apache.org/r/8859/diff/ > >>> > >>> > >>>Testing > >>>------- > >>> > >>>Tested Locally. > >>> > >>> > >>>Thanks, > >>> > >>>saksham srivastava > >>> > >> > >>