We use Kerberos and X.509 in Keystone V3 for the end users. It works very nicely (although the python client-* CLIs often do not support it so you have to use the openstack OSC CLI)
Tim From: Mike Smith <mism...@overstock.com<mailto:mism...@overstock.com>> Date: Wednesday 23 March 2016 at 16:28 To: openstack <openstack@lists.openstack.org<mailto:openstack@lists.openstack.org>> Subject: Re: [Openstack] password in clear text Piggybacking on this question, I also would like to know if there is a solution to prevent storing passwords in the various service config files. We store our configs in subversion, and I hate that I have those passwords in there. Mike Smith Lead Cloud Systems Architect Overstock.com<http://Overstock.com> On Mar 23, 2016, at 9:04 AM, Jagga Soorma <jagg...@gmail.com<mailto:jagg...@gmail.com>> wrote: Hi Guys, Currently when using the openstack api I have to save my password in clear text in the OS_PASSWORD environment variable. Is there a more secure way to use the openstack api without having to either store this password in clear text or enter the password manually every time I run a openstack command? Is there some way that I can use a token id? I have tried but can't seem to get it to work and not sure what else is possible. Thanks in advance for your help with this. _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org<mailto:openstack@lists.openstack.org> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
