Re: [DISCUSS] VR Password server improvement and expiring

2015-03-12 Thread Rohit Yadav
Wido - Lucian is right. Once the user VM resets password, they need to send an acknowledgement, for example: wget -t 3 -T 20 -O - --header "DomU_Request: saved_password" $PASSWORD_SERVER_IP:8080 This is to say that the password server can now remove the password from its internal storage (file b

Re: [DISCUSS] VR Password server improvement and expiring

2015-03-11 Thread Rohit Yadav
Hi Wido and everyone, Thanks for the suggestion, supporting IPv6 can be easily done though I’m not sure which interface/IPv6 address to listen on. Though, this is tricky as not all networks would have an interface with IPv6 enabled (unless say an admin deploys a shared network with IPv6 address

Re: [DISCUSS] VR Password server improvement and expiring

2015-03-11 Thread Wido den Hollander
On 03/11/2015 05:17 PM, Rohit Yadav wrote: > Wido - Lucian is right. Once the user VM resets password, they need > to send an acknowledgement, for example: wget -t 3 -T 20 -O - > --header "DomU_Request: saved_password" $PASSWORD_SERVER_IP:8080 > Thi

Re: [DISCUSS] VR Password server improvement and expiring

2015-03-11 Thread Nux!
> Lucian - in the proposal what I meant to say was that in case a password was > sent to a user VM but the user VM does not respond with an ack (so as to > remove > the password from its storage/memory) should it expire it after a period of > say > 15 mins? Rohit, seeing that there is logic buil

Re: [DISCUSS] VR Password server improvement and expiring

2015-03-11 Thread Pierre-Luc Dion
When the password is taken and acknowledged from the VR it should be destroyed immediately from the VR and as it is currently, I think. Are you planning to implement SSL capability as well since it has been brought up on the ML recently? On Wed, Mar 11, 2015 at 9:39 AM, Nux! wrote: > Hi Wido, > > >

Re: [DISCUSS] VR Password server improvement and expiring

2015-03-11 Thread Nux!
Hi Wido, >> If a guest has confirmed the password was retrieved delete it >> straight away. I am not sure this is what you asked. :) >> > > How would the guest confirm? Merely retrieving it doesn't guarantee > that the client was able to set it. > > I'd say keep it for 15 minutes, so that the

Re: [DISCUSS] VR Password server improvement and expiring

2015-03-11 Thread Wido den Hollander
On 03/11/2015 02:09 PM, Nux! wrote: > Hello, > > See inline. > >> JIRA: https://issues.apache.org/jira/browse/CLOUDSTACK-8272 PR: >> https://github.com/apache/cloudstack/pull/106 >> >> I need your comment on the following proposal: >> >> 1. If a

Re: [DISCUSS] VR Password server improvement and expiring

2015-03-11 Thread Nux!
Hello, See inline. > JIRA: https://issues.apache.org/jira/browse/CLOUDSTACK-8272 > PR: https://github.com/apache/cloudstack/pull/106 > > I need your comment on the following proposal: > > 1. If a password has been served by the password server, we expire it > within next 15 minutes (or suggest

[DISCUSS] VR Password server improvement and expiring

2015-03-11 Thread Rohit Yadav
Hi, I've sent a pull request that replaces the bash/socat based password server with a Python based server that is backward compatible. In future I'll be working on a VR-agents framework to make resetting password/publickeys more secure. Right now when reset password is called, the password ser