[Bug 978963] Re: add release note that OpenStack should be used on a protected network
Keystone and Horizon are the default external access routes to OpenStack. The default package configuration still uses http. Added to quantal release notes. ** Changed in: keystone (Ubuntu) Status: Triaged = Fix Released ** Changed in: horizon (Ubuntu) Status: Triaged = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/978963 Title: add release note that OpenStack should be used on a protected network To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/978963/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 978963] Re: add release note that OpenStack should be used on a protected network
** Changed in: horizon (Ubuntu) Assignee: (unassigned) = James Page (james-page) ** Changed in: keystone (Ubuntu) Assignee: (unassigned) = James Page (james-page) ** Changed in: keystone (Ubuntu Precise) Status: Triaged = Fix Released ** Changed in: horizon (Ubuntu Precise) Status: Triaged = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/978963 Title: add release note that OpenStack should be used on a protected network To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/978963/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 978963] Re: add release note that OpenStack should be used on a protected network
Why do we keep horizon and keystone tasks? By the way, I think it's possible to mitigate this issue in Keystone using Apache. See http://adam.younglogic.com/2012/04/keystone-httpd/ to set it up and be able to use https:// for Keystone. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/978963 Title: add release note that OpenStack should be used on a protected network To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/978963/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 978963] Re: add release note that OpenStack should be used on a protected network
** Changed in: ubuntu-release-notes Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/978963 Title: add release note that OpenStack should be used on a protected network To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/978963/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 978963] Re: add release note that OpenStack should be used on a protected network
Release Note Added: * The default install of Openstack should be used on a protected network, as many components use http (non-SSL) as a transport, and therefore subject to security concerns. This can be mitigated by post install customisations. https://wiki.ubuntu.com/PrecisePangolin/ReleaseNotes/UbuntuServer -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/978963 Title: add release note that OpenStack should be used on a protected network To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/978963/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 978963] Re: add release note that OpenStack should be used on a protected network
@dstrand: Please comment if you want further additions. ** Changed in: ubuntu-release-notes Status: New = Fix Committed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/978963 Title: add release note that OpenStack should be used on a protected network To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/978963/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 978963] Re: add release note that OpenStack should be used on a protected network
Keystone cannot be mitigated by post install customizations AFAIK. Horizon can be delivered through standard https. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to keystone in Ubuntu. https://bugs.launchpad.net/bugs/978963 Title: add release note that OpenStack should be used on a protected network To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/978963/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs