We should be "secure out of the box", and not require the user to change their password or manually lock down SSH to disable password auth.
A secure password would still be just as readable: I was thinking we'd use the secure bytes to generate a readable password (either using them as a seed or e.g. by mapping 5 bits at a time). By using only 5 bits, we can skip some of the trickier letter pairs e.g. 1/I or 0/O. On Wed, Mar 2, 2011 at 5:17 PM, Ed Leafe <e...@leafe.com> wrote: > On Mar 2, 2011, at 8:01 PM, Justin Santa Barbara wrote: > > > Also, I know security through obscurity isn't really security, but if > we're open source, I think we must have "strong" password generation, > whatever may or may not have been the case in the past. I suggest beefing > up the generate_password function to make use of os.urandom (which I know > isn't perfect either, but is probably secure enough for anyone willing to > rely on a password) > > The general process (at least in Rackspace Cloud Servers) is to > create an initial root password which we then display for the instance > owner; he/she can then shell in and change it to whatever they like. So I > think that at best the os.urandom generator should be an option, with the > less secure but easier to communicate password scheme also available. > > > -- Ed Leafe > > > >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
