On Sat, 28 Jul 2012, Bhuvaneswaran A wrote: > Team, > > As per patch https://review.openstack.org/#/c/9497/ we are adding > keyring support for "openstack" client. If password is not specified > in command line or environment variable, the user is prompted to enter > password. During this time, the password is stored in keyring. During > next time, the password is read from keyring, instead of prompt. It is > true, if password is not specified in command line or environment > variable. > > This behavior is documented in this wiki page: > http://wiki.openstack.org/KeyringSupport
I haven' tried this specifically for the openstack client, but when this went into nova, it annoyed me, as I started having to give a password on remote systems every time. For the devstack instances I was working on, I honestly couldn't care less about security, and wanted to not be bothered. For others looking for something similar, here is the 'keyringrc.cfg' file that you need. Put it either in ~/ or in the current working directory (strange). --- keyringrc.cfg --- # This is an example keyringrc.cfg file that allows python-keyring # to use the UncryptedFileKeyring. # See /usr/share/doc/python-keyring/README.gz for more info. # Note, this works, but I see the following significant issues with it: # * python-keyring goes looking for 'keyringrc.cfg' in the current working # directory and user's home directory. Note, specifically it does *not* # look for ~/.keyringrc.cfg (which would be more common) # * no environment variable can affect the path read for ~/keyringrc.cfg # this means you're stuck with one of the following options if you # wanted to somehow maintain that one app (that you do not care about) # use UncryptedFileKeyring while all other apps use a different: # * keep 'HOME' environment variable set when that app is used to # something other than your home. and maintain $HOME/keyringrc.cfg # * keep the current working directory when that app is used to a given # working directory. # I think it'd be much nicer if I could affect this with # 'PYTHON_KEYRING_CFG' # or if the config file had some apt specific stuff. # * UncryptedFileKeyring writes its data to a file named keyring_pass.cfg # in the home directory, and does not pay attention to 'keyring-path' # * UncryptedFileKeyring laughably creates keyring_pass.cfg its password # file with default umask meaning in most cases it is world readable # I've opened bug http://pad.lv/1023433 to track these. [backend] default-keyring=keyring.backend.UncryptedFileKeyring keyring-path=/home/ubuntu/xxx # this is ignored _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp