Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use JSON Web Signature and Encryption (JWS & JWE) between webvirtcloud and gstfsd #111

Open
wants to merge 5 commits into
base: master
Choose a base branch
from

Conversation

nitmir
Copy link
Contributor

@nitmir nitmir commented May 8, 2016

This introduce encryption and signing between webvirtcloud and gstfsd: root password change requests and ssh key change requests are signed and encrypted using a shared secret between webvirtcloud and gstfsd.

On first start, gstfsd generate the shared secret, a JSON Web Key (JWK), and save it in the file /var/lib/gstfsd/SECRET.
You can then add the JWK to computes in webvirtcloud computes panel for webvirtcloud to be able to sign and encrypt request to this compute gstfsd instance. If you try to change a root password without having imported the JWK, an error message tell you how to do so.

This fix #106

@nitmir nitmir mentioned this pull request May 8, 2016
@nitmir
Copy link
Contributor Author

nitmir commented May 10, 2016

I added 3 commits:

  • the first one disable auto-complete on the root password input (so the browser do not give the list of previously entered root password by clicking on the input)
  • the second one allow to disable the root password of the VM by settings an empty password
  • the third one generate a random salt for root password instead of using always the same salt

@nitmir
Copy link
Contributor Author

nitmir commented Jul 8, 2016

Is there something wrong with this pull requests ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

gstfsd and security
1 participant