Can we get rid of the hash(password) dance?
David Cheney
david.cheney at canonical.com
Thu Jul 17 05:50:54 UTC 2014
Yes, please!
On Thu, Jul 17, 2014 at 2:49 PM, John Meinel <john at arbash-meinel.com> wrote:
> Michael is working on changing how we handle sessions with Mongo, and
> noticed that his first attempt started running into Auth failures.
> It turned out that this was because of the hash(password) dance. (For those
> who don't know, in certain circumstances we used to seed the password for
> the database with the hash(password) and then once we had a secure channel
> we would replace it with the real password.)
>
> I believe all of our production bootstrap code has gotten rid of the
> password dance, because we now just use cloud-init to bring up a machine and
> then SSH into that machine to finish provisioning. Thus all the information
> is already over the secure SSH channel, instead of the insecure cloud-init
> user data.
>
> From what I can tell poking around the code base, the only place that still
> uses the hash(password) is actually in the Dummy provider.
>
> I feel like we're at a point where we can safely remove that from the Dummy
> provider, and also remove the fallback code in our 'connect to the database'
> code. (If we leave it in, then I think after changing the password just
> reconnecting to the database is fine, because it should happen infrequently.
>
> Thoughts?
>
> John
> =:->
>
>
> --
> Juju-dev mailing list
> Juju-dev at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/juju-dev
>
More information about the Juju-dev
mailing list