[
https://issues.apache.org/jira/browse/JCLOUDS-670?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14099634#comment-14099634
]
Werner Buck commented on JCLOUDS-670:
-------------------------------------
Check out the pull request, it is now considerably smaller and more clear on
what happens.
Instead of adding a new value, it now checks if the password or privatekey is
empty. If so, it will force the password/privatekey to be absent, regardless of
what the provider sends back.
Setting an empty password with ssh is a big security red flag anyway and sshd
has it disabled by default. If anyone wants different override behaviour to
allow it, they can create a new PrioritizeCredentialsFromTemplate and inject it
themselves.
> Option force no password when launching images on providers
> -----------------------------------------------------------
>
> Key: JCLOUDS-670
> URL: https://issues.apache.org/jira/browse/JCLOUDS-670
> Project: jclouds
> Issue Type: Improvement
> Reporter: Werner Buck
> Priority: Minor
>
> Images may return passwords from Nova. I have seen this happen with the
> official fedora openstack image as well as other times.
> When SSH is used to connect, the password from nova is used, which results in
> authentication errors while you might want to use the ssh-agent for
> authentication.
> To fix this I suggest the "forceNoPassword" option, to force the password to
> be empty even if we receive a password from the provider. This option is by
> default "false" and can be set in RunScriptOptions or TemplateOptions.
> Github: https://github.com/jclouds/jclouds/pull/486
--
This message was sent by Atlassian JIRA
(v6.2#6252)
