remove admin passwords from config files
In the openstack config files there are many entries where there is an an admin password set up. The password is in clear text. One of my requirements is to not store passwords in configuration files.
Is there a way to remove the configuration entries pertaining to the admin password in the config
files and use a different way for the admin to log into the services where the password is not exposed?And, is there documentation anywhere on how this can be achieved?
This question pertains only to the admin passwords in the config files, not user or admin passwords logging in over the network. I also know i can set restrictive permissions on the files and limit access to shell logins. I would like to remove the password entries altogether from the config files.
here is a list of some of the files that may contain passwords:
- /etc/nova/nova.conf
- /etc/rabbitmq/rabbitmq.config
- /etc/keystone/keystone.conf
- /etc/glance/glance-api.conf
- /etc//cinder/cinder.conf
- /etc//ceilometer/ceilometer.conf
- /etc/neutron/neutron.conf
Oslo.config used for parsing the configuration files and AFAIK there is no option for password encryption.
Hi Everybody, Does Anyone found a solution/workaround to hide clear text passwords in config and .json files? Thanks GianLuca