Wido - Lucian is right. Once the user VM resets password, they need to send an acknowledgement, for example: wget -t 3 -T 20 -O - --header "DomU_Request: saved_password" $PASSWORD_SERVER_IP:8080 This is to say that the password server can now remove the password from its internal storage (file based).
Lucian - in the proposal what I meant to say was that in case a password was sent to a user VM but the user VM does not respond with an ack (so as to remove the password from its storage/memory) should it expiry it after a period of say 15 mins? Pierre - I would be happy to implement a SSL based http server which is my next step though I’m not sure about the logistics of adding the SSL scripts etc, which could be similar how it is done for the CPVM/SSVM. The first step is to remove bash/socat based password server with a Python based server that uses Threads instead of Forks (so less memory intensive) and cleans up properly. > On 11-Mar-2015, at 7:09 pm, Nux! <n...@li.nux.ro> wrote: > > Hi Wido, > > >>> If a guest has confirmed the password was retrieved delete it >>> straight away. I am not sure this is what you asked. :) >>> >> >> How would the guest confirm? Merely retrieving it doesn't guarantee >> that the client was able to set it. >> >> I'd say keep if for 15 minutes, so that the guest can try a couple of >> times before we expire the password. > > Nothing against keeping the password around for a few more minutes or hours. > > Looking at this password script[1] for example, it looks like the guest can > confirm that password was successfully retrieved and set like this: > > wget -t 3 -T 20 -O - --header "DomU_Request: saved_password" > $PASSWORD_SERVER_IP:8080 > > > [1] - > https://raw.githubusercontent.com/shankerbalan/cloudstack-scripts/master/archlinux/cloudstack-set-guest-password > Regards, Rohit Yadav Software Architect, ShapeBlue M. +91 88 262 30892 | rohit.ya...@shapeblue.com Blog: bhaisaab.org | Twitter: @_bhaisaab Find out more about ShapeBlue and our range of CloudStack related services IaaS Cloud Design & Build<http://shapeblue.com/iaas-cloud-design-and-build//> CSForge – rapid IaaS deployment framework<http://shapeblue.com/csforge/> CloudStack Consulting<http://shapeblue.com/cloudstack-consultancy/> CloudStack Software Engineering<http://shapeblue.com/cloudstack-software-engineering/> CloudStack Infrastructure Support<http://shapeblue.com/cloudstack-infrastructure-support/> CloudStack Bootcamp Training Courses<http://shapeblue.com/cloudstack-training/> This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. Any views or opinions expressed are solely those of the author and do not necessarily represent those of Shape Blue Ltd or related companies. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. Shape Blue Ltd is a company incorporated in England & Wales. ShapeBlue Services India LLP is a company incorporated in India and is operated under license from Shape Blue Ltd. Shape Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company registered by The Republic of South Africa and is traded under license from Shape Blue Ltd. ShapeBlue is a registered trademark.
