sure: http://txt.do/dqcuj
On Tue, Nov 28, 2017 at 5:26 PM, Daan Hoogland
wrote:
> Anthony,
> attachments get removed from the list. Can you include relevant snippets
> or use some upload service?
>
> On Tue, Nov 28, 2017 at 2:27 PM, Anthony Galea
Anthony,
attachments get removed from the list. Can you include relevant snippets or
use some upload service?
On Tue, Nov 28, 2017 at 2:27 PM, Anthony Galea
wrote:
> Hi,
>
> Ran into an issue while trying the docker container cloudstack/simulator
>
On the other side, it would mean that you've got to have this key installed on
each of your API-client (even to the web-client), as without this key the
frontend app couldn't decrypt the password that is being sent when a client
deploys a new VM or changes the VM's password. :-)
On Tue, Nov
Yes. this has already been discussed in the security mailing list. However,
we already have a similar feature if you use SSH keys.
If we want real security we would have to use a key of the user to encrypt
the password stored in the VR, and then inject in the VM. Threfore, it
seems more naturel
Aye, should be cool to have them encrypted by some RSA-key that would be
installed to the VM's template.
Though at this moment one should keep an eye on the systems where these logs
are stored.
On Tue, Nov 28, 2017 at 03:39:55PM +0530, Makrand wrote:
> Assuming all the passwords appearing in
Assuming all the passwords appearing in logs must be masked (kind of
encrypted) How does one decrypt those password from logs?
BTW, if passwords are just logged as plain text (even for temp amount of
time), or stored as plain text over VR, then that's not a very secure
thing, is it??
--
Makrand
Hello,
Would you mind if I share a sample line from the log-file containing a password
assigned (you can find similar ones in your log-files as well)?
2017-11-28 10:19:27,981 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
(API-Job-Executor-14:ctx-6858662d job-1158151 ctx-1967e9d7) (logid:eed0e79e)