[one-users] New authentication type

Javier Fontan jfontan at opennebula.org
Fri Apr 19 07:54:44 PDT 2013

Usually for external authentication methods you don't need to store
the password in OpenNebula. In fact it is better that you don't store
it as you will have to sync the password with the external database.
You can use the password as storage for some other useful information.
In the case of ldap we store full dn of the user. If you don't want to
store anything just provide a -. For example:

puts "radius #{username} -"

On Fri, Apr 19, 2013 at 10:05 AM, Christoph Pleger
<Christoph.Pleger at cs.tu-dortmund.de> wrote:
> Hello,
> I have a new problem with my radius authentication: The passwords are
> stored in clear text in oned.log, in messages like this:
> Thu Apr 18 11:19:17 2013 [AuM][D]: Message received: AUTHENTICATE SUCCESS
> 103 radius christoph.pleger blablabla
> And oned.log is readable by everyone who can login to the cloud management
> node! How can I prevent passwords from being stored in clear text, or how
> can I achieve that oned.log is created with more restrictive permissions?
> Regards
>   Christoph
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org

Javier Fontán Muiños
Project Engineer
OpenNebula - The Open Source Toolkit for Data Center Virtualization
www.OpenNebula.org | jfontan at opennebula.org | @OpenNebula

More information about the Users mailing list