Project

General

Profile

Feature #3305

have way of separating auth keys per host

Added by Anonymous over 11 years ago. Updated about 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
% Done:

0%

Source:
Development
Tags:
Backport:
Reviewed:
Affected Versions:
Pull request ID:

Description

It would be nice to separate hosts from each other.. myapp on host1 is not the same as myapp on host2, even if both run as the unix user "myapp", and would thus (with help from #3065) use client.myapp.

Perhaps we need multiple keys for one name? Then if host1 is compomised, you'd just remove that particular secret from the keyring under client.myapp.

If this is done, ceph-deploy should also learn a "ceph-deploy client HOST[:ACCOUNTNAME] ..." style of calling, where ACCOUNTNAME defaults to "admin" (aka client.admin).

History

#1 Updated by Sage Weil almost 11 years ago

  • Tracker changed from Bug to Feature

#2 Updated by Sage Weil almost 11 years ago

  • translation missing: en.field_story_points set to 1.00

#3 Updated by Sebastian Wagner about 3 years ago

  • Status changed from New to Closed

Also available in: Atom PDF