Me 2:) Another question, how does customer decrypt the string with his private key?
It requires that he has an environment with OpenSSL installed? On 1/21/2014 3:44 PM, Georgios Dimitrakakis wrote: > Indeed this is very interesting! > I would also like to see it if possible! > > Best, > > G. > > On Tue, 21 Jan 2014 08:22:44 +0100, Joe Topjian wrote: >> Hi Juerg, >> >> Thats a really creative way of setting the password. Are you able to >> share your powershell script? >> >> Thanks, >> Joe >> >> On Tue, Jan 21, 2014 at 8:15 AM, Juerg Haefliger wrote: >> >>> On Tue, Jan 21, 2014 at 3:15 AM, jeffty wrote: >>>> >>>> Thanks Joe, It really helps. >>> > >>>> Will check them to find the proper way. >>> > >>>> Thanks. >>>> >>>> On 1/19/2014 3:32 PM, Joe Topjian wrote: >>>> > Hello, >>>> > >>>> > Weve used this in the past: >>>> > >>>> > https://github.com/jordanrinke/openstack [2] >>> > > >>>> > It allows a user to type in an Administrator password in the >>> Post Config >>>> > text box when launching an instance in Horizon. The password is >>> then >>>> > retrieved when Windows first boots via the metadata service. >>> > > >>>> > We stopped using it for two reasons, though: >>>> > >>>> > 1. The password was permanently stored in the metadata server >>>> > 2. There was no (default) way to let the user know that the >>> password >>> > > they chose was not a strong enough password >>>> > >>>> > We now just have users connect to the VNC console and set the >>> password >>>> > upon first boot. >>>> > >>>> > There have been a few discussions over the past year on the >>> > > openstack-operators list about the cloudbase Windows cloud-init >>> service. >>>> > I think one or two people have been able to get the password >>> injection >>>> > portion working. It might be worth a shot to search the >>> archives: >>> > > >>>> > http://www.gossamer-threads.com/lists/openstack/operators/ [3] >>>> > >>>> > Joe >>>> > >>>> > >>> > > On Sun, Jan 19, 2014 at 4:21 AM, jeffty > > wrote: >>>> > >>>> > Thanks Jacob. >>>> > >>>> > Is there any openstack API guide for send instance >>> password while >>> > > launch it? >>>> > >>>> > Thanks. >>>> > >>>> > On 1/19/2014 11:08 AM, Jacob Godin wrote: >>>> > > Yes, they must input a password every time. Its within >>> Windows, they >>> > > > must use the console. >>>> > > >>>> > > Sent from my mobile device >>>> > > >>>> > > On Jan 18, 2014 10:51 PM, "jeffty" > >>>> > > > >>> > > wrote: >>>> > > >>>> > > Thanks Jacob. >>>> > > >>>> > > Then the user must input a password for every >>> windows instance he >>>> > > launched? >>> > > > >>>> > > In other word different instance owns different >>> password even >>>> > they are >>>> > > launched at the same time? e.g. Input 3 while >>> launching >>>> > instance in >>> > > > Horizon portal for this windows image. >>>> > > >>>> > > If yes, how to send this password to the instance >>> in portal? >>>> > That should >>>> > > be implemented by meta service. >>> > > > >>>> > > If no, all of the instances have the same default >>> password, right? >>>> > > >>>> > > >>>> > > On 1/19/2014 10:02 AM, Jacob Godin wrote: >>> > > > > Weve used sysprep to have the administrator >>> provide a password >>>> > > when the >>>> > > > instance is first booted. >>>> > > >>> >>> We use a simple powershell script that generates a random >>> Administrator password on first boot, pulls the SSH key from the >>> metadata server, encrypts the password with the key and writes the >>> encrypted password to the serial port. >>> >>> The user retrieves the encrypted password through the nova >>> console-log and decrypts it with his private key. The image is setup >>> such that the user is prompted to change the (random) password the >>> first time he logs into the instance. >>> >>> ...Juerg >>> >>>> > >>>> > _______________________________________________ >>>> > Mailing list: >>>> > >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [10] >>> > > Post to : openstack@lists.openstack.org [11] >>>> > >>> > > Unsubscribe : >>>> > >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [13] >>>> > >>>> > >>> > >>>> >>> > _______________________________________________ >>>> Mailing list: >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [14] >>> > Post to : openstack@lists.openstack.org [15] >>> > Unsubscribe : >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [16] >> >> >> >> Links: >> ------ >> [1] mailto:wantwater...@gmail.com >> [2] https://github.com/jordanrinke/openstack >> [3] http://www.gossamer-threads.com/lists/openstack/operators/ >> [4] mailto:wantwater...@gmail.com >> [5] mailto:wantwater...@gmail.com >> [6] mailto:wantwater...@gmail.com >> [7] mailto:wantwater...@gmail.com >> [8] mailto:wantwater...@gmail.com >> [9] mailto:wantwater...@gmail.com >> [10] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> [11] mailto:openstack@lists.openstack.org >> [12] mailto:openstack@lists.openstack.org >> [13] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> [14] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> [15] mailto:openstack@lists.openstack.org >> [16] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >> [17] mailto:jue...@gmail.com > _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
