onitake commented on issue #3450: Port 8096 allows unauthenticated access from any IP. URL: https://github.com/apache/cloudstack/issues/3450#issuecomment-507730833 That sounds promising. Perhaps it makes sense to deploy a local access key during CloudStack installation (or upgrade), that can then be used by the admin script. Or, the documentation should state that the user must obtain and deploy an access key on the system together with cloudmonkey early on after installation. However, I think that the main issue is that many CloudStack installations are under risk right now, because might not understand the consequences of opening port 8096 when they followed the guide. This is pretty serious, IMHO.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services