Clear text admin password assignment in instance creation should be disabled

Bug #1291006 reported by Alessandro Pilotti
This bug affects 1 person
Affects: OpenStack Dashboard (Horizon)
Status: Fix Released
Importance: Medium
Assigned to: Alessandro Pilotti

Bug Description

The clear text admin password management available in the instance creation "security" tab should be removed, as it has been superseded in both Nova and Horizon by encrypted password management.

Nova blueprint (Grizzly): https://blueprints.launchpad.net/nova/+spec/get-password
Horizon blueprint (Icehouse): https://blueprints.launchpad.net/horizon/+spec/decrypt-and-display-vm-generated-password

Since this feature is now available in Horizon as well, providing an option for the users to specify the password is both misleading and insecure.

Furthermore, the "old" way of providing clear text passwords works only on selected hypervisors and it does not work for Windows guests, which represent at the moment the main use case since SSH keypair authentication does not apply.
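
The encrypted flow that the description says replaces the clear text field, sketched as an added example (not code from Nova or Horizon). It assumes the guest agent encrypts the generated password to the keypair's RSA public key with PKCS#1 v1.5 padding and publishes it base64-encoded; the function names, file names and sample password are constructed.

```shell
#!/bin/sh
# Added illustration of the encrypted admin password round trip.
# Function names, file names and the sample password are constructed.
set -eu

# Guest side (assumed behaviour): encrypt the generated admin password to
# the user's public key and base64-encode it for the metadata service.
guest_encrypt_password() {   # $1 = public key PEM, $2 = password
    printf '%s' "$2" |
        openssl pkeyutl -encrypt -pubin -inkey "$1" |
        openssl base64 -A
}

# User side: decode and decrypt locally, so the private key stays on the
# workstation and only the opaque blob travels through the API.
user_decrypt_password() {    # $1 = private key PEM, $2 = base64 blob
    printf '%s\n' "$2" |
        openssl base64 -d -A |
        openssl pkeyutl -decrypt -inkey "$1"
}

# Full round trip with a throwaway 2048-bit keypair; prints the recovered
# password so a caller can compare it with the input.
demo() {                     # $1 = password to protect
    dir=$(mktemp -d)
    openssl genrsa -out "$dir/key.pem" 2048 2>/dev/null
    openssl rsa -in "$dir/key.pem" -pubout -out "$dir/pub.pem" 2>/dev/null
    blob=$(guest_encrypt_password "$dir/pub.pem" "$1")
    # The blob is all that the cloud stores: 256 bytes of RSA ciphertext,
    # 344 base64 characters, unreadable without the private key.
    clear=$(user_decrypt_password "$dir/key.pem" "$blob")
    rm -rf "$dir"
    printf '%s' "$clear"
}

demo 'Constructed-Passw0rd!'
echo
```

Unlike the clear text field, nothing stored by the cloud or exposed through ConfigDrive reveals the password in this flow; only the holder of the private key can recover it.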

Changed in horizon:
assignee: nobody → Alessandro Pilotti (alexpilotti)
OpenStack Infra (hudson-openstack) wrote : Fix proposed to horizon (master)

Fix proposed to branch: master
Review: https://review.openstack.org/79736

Changed in horizon:
status: New → In Progress
Paul McMillan (paul-mcmillan) wrote :

Who are we protecting here? Is the goal to protect the users from the cloud admins? The motivations for crypto in this feature seem a bit strange...

I still feel very strongly that users should not be trained to paste private keys into webforms.

Alessandro Pilotti (alexpilotti) wrote :

Hi Paul,

Don't forget also a very practical issue: the old clear text model does not work with Windows instances; the Nova project took the encrypted password route since Grizzly.

To complete the story, the only way to get those clear text passwords in a Windows instance at the moment is with hypervisor-dependent ConfigDrive metadata, which means having a clear text admin password in the cdrom drive, very easily accessible by everybody.

David Lyle (david-lyle)
Changed in horizon:
milestone: none → icehouse-rc1
importance: Undecided → Medium
David Lyle (david-lyle)
Changed in horizon:
milestone: icehouse-rc1 → next
Matthias Runge (mrunge)
Changed in horizon:
milestone: next → icehouse-rc1
OpenStack Infra (hudson-openstack) wrote : Fix merged to horizon (master)

Reviewed: https://review.openstack.org/79736
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=5d6fe4b05f5ee768d353f02ccbe396491ac27135
Submitter: Jenkins
Branch: master

commit 5d6fe4b05f5ee768d353f02ccbe396491ac27135
Author: Alessandro Pilotti <email address hidden>
Date: Tue Mar 11 21:14:34 2014 +0200

    Disables the clear text password UI by default

    The old way of assigning passwords in clear text to instances has been
    superseded by the nova get-password feature. A corresponding UI
    feature has been recently included in Horizon (see blueprint
    "decrypt-and-display-vm-generated-password").

    This commit disables the visualization of the old password UI by default.

    Change-Id: Ia9a8b5c1c398054fb3d726b93f7fecc332b02efe
    Closes-bug: #1291006

Changed in horizon:
status: In Progress → Fix Committed
Thierry Carrez (ttx)
Changed in horizon:
status: Fix Committed → Fix Released
Thierry Carrez (ttx)
Changed in horizon:
milestone: icehouse-rc1 → 2014.1