Hi Wido,
>> If a guest has confirmed the password was retrieved delete it >> straight away. I am not sure this is what you asked. :) >> > > How would the guest confirm? Merely retrieving it doesn't guarantee > that the client was able to set it. > > I'd say keep if for 15 minutes, so that the guest can try a couple of > times before we expire the password. Nothing against keeping the password around for a few more minutes or hours. Looking at this password script[1] for example, it looks like the guest can confirm that password was successfully retrieved and set like this: wget -t 3 -T 20 -O - --header "DomU_Request: saved_password" $PASSWORD_SERVER_IP:8080 [1] - https://raw.githubusercontent.com/shankerbalan/cloudstack-scripts/master/archlinux/cloudstack-set-guest-password
