[
https://issues.apache.org/jira/browse/CLOUDSTACK-505?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nitin Mehta reopened CLOUDSTACK-505:
------------------------------------
Hi Chip - I am reopening the issue as it doesnt solve the problem for deployvm
and reset vm password. The reason is that these 2 apis are async apis and their
responses do not give the sensitive information. Instead when we use the
queryAsyncJobResult api for these apis we get the password info. Pasting the
example
> cloudstack logs the private key in plaintext
> --------------------------------------------
>
> Key: CLOUDSTACK-505
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-505
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: API
> Affects Versions: 4.0.0
> Reporter: Ahmad Emneina
> Assignee: Chip Childers
> Priority: Blocker
> Fix For: 4.0.1
>
>
> When creating my sshkeypair, theyre logged in the api-server.log.
> 2012-11-16 04:16:44,387 INFO [cloud.api.ApiServer] (ApiServer-8:null)
> (userId=1 accountId=1 sessionId=null) /0:0:0:0:0:0:0:1 -- GET
> /client/api?command=createSSHKeyPair&name=testkeys2&response=json&domainid=1&zone=2&account=admin
> HTTP/1.0 200
> {
> "createsshkeypairresponse": {
> "keypair": {
> "name": "testkeys2",
> "fingerprint": "f2:0c:b1:d9:be:73:4f:a9:0a:c0:c8:59:17:e0:67:07",
> "privatekey": "-----BEGIN RSA PRIVATE
> KEY-----\nMIICXgIBAAKBgQDD8CUiTQL26bhcDDW1kg8QqY2Pzm9EkeNwcTtglZEYkfSV7IHI\nDO7kRvB8ca4uKOpQD+jIpz0+leTQAc2JwLPzIFfTpN/mn+vwMwBviTZjYUDePkw+\nuwe97KB4Xg+RM7m0f4sPUHe9IZPshebl8nFhFpp8bL1g/FcDalJs3GhyPwIDAQAB\nAoGBAL0czVp75f6Wul/tUPF8lZnJbF5+KpqODGz8fQjNkwuZ4+3IJcMF6JTfe0FB\nH5Jh3zWDBXSVJeGAHyY8dzsbiRHRoXb4HRXUfSdMVLAlXDmH+REcE/4OY+Sd+GU2\ncrIsq9E3R2Nhr7lujP6BOO4IEzSrKFQ531lLBolCNZ/YpHThAkEA4/N1BeuB7ihI\nlzfdikjEmg3BfDn+s7FlQz42x4iAOBRBcMeO0e7ma+UWD7LUER3tuADAY3D4C/xs\nAluSbEyHdwJBANwMRK4jsmsGFf5GjH/iyVApZx/U71OR8OJx48NSdWmCzEkMdCE+\nH5Lska7j8mfAfqbOYfYqR4gwOXXHGr8XrXkCQAF9GYqMWzDe+npiVwQMLZyD8nuJ\nNWye//ZMdbcf4RZ8q2C9LOWaFc8mk9pOZKwn8eF9v8PmfPg3Ec2CI5apeUkCQQDK\nEj4TyFY07/7MZc7qNcH26j54PduVW+TgngOxv4xw2xtsTZJrYJgwHSzfdRaK7nug\nBNBy9XqA9wAdRz0plL3JAkEAiyCuxFhz6F2NhMxDX9IczJPPiJ+v6qHGwSThiBv0\n9XgwpQqrFmBdqAZ3SDjsgXkG2gAqZRuddbq55ffGSFtkpg==\n-----END
> RSA PRIVATE KEY-----\n"
> }
> }
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
