Bug 1042080

Summary: [RFE][horizon]: Decrypt and display VM generated password
Product: Red Hat OpenStack Reporter: RHOS Integration <rhos-integ>
Component: python-django-horizonAssignee: RHOS Maint <rhos-maint>
Status: CLOSED ERRATA QA Contact: Ami Jeain <ajeain>
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: aberezin, aortega, jpichon, markmc, mrunge, yeylon
Target Milestone: rcKeywords: FutureFeature
Target Release: 5.0 (RHEL 7)   
Hardware: Unspecified   
OS: Unspecified   
URL: https://blueprints.launchpad.net/horizon/+spec/decrypt-and-display-vm-generated-password
Whiteboard: upstream_milestone_icehouse-rc1 upstream_status_implemented upstream_definition_new
Fixed In Version: python-django-horizon-2014.1-5.el7ost Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-07-08 15:44:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description RHOS Integration 2013-12-12 20:52:07 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/horizon/+spec/decrypt-and-display-vm-generated-password.

Description:

Use Case

I launch an instance, choosing a Windows image and a pub key:
- on VM boot, Windows generates a random password for the Admin session
- the password is encrypted with the pub key and sent to the metadata server (for example with cloudbase-init)
- I can already retrieve this admin password via API with: nova get-password <VM-id> <Private-key>

Horizon Blueprint: "Being able to display and decrypt this password on Horizon"

- A popup display the encrypted password
- The user has to provide its private key to decrypt this password
- The private key should not transit over the network and being proceeded on the server side
- The private key should be used on the client side (any JS lib available for decryption? Use of HTML 5 FIle API / FileReader?)
- The password may not be available immediately after the launch of the instance (have to wait the VM to boot and generate the password)
- Several ways to provide the private key: copy and past inside an input, "browse > select a file", drag & drop
- Should be inspired by the way Amazon does this (either for the internal client side processing - if it does - and for UX aspects): more details to be sent later

Specification URL (additional information):

None
Comment 8 errata-xmlrpc 2014-07-08 15:44:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2014-0855.html