[#NETCONF-17] Device Credentials are in plain text in the config files

[NETCONF-17] Device Credentials are in plain text in the config files Created: 10/Feb/15 Updated: 15/Mar/19 Resolved: 13/Oct/17
Status:	Resolved
Project:	netconf
Component/s:	netconf
Affects Version/s:	None
Fix Version/s:	None

Type:

Bug

Reporter:

Sharon Aicler

Assignee:

Unassigned

Resolution:

Done

Votes:

Labels:

None

Remaining Estimate:

Not Specified

Time Spent:

Not Specified

Original Estimate:

Not Specified

Environment:

Operating System: All
Platform: All

External issue ID:

2695

Description

When device credentials are being stored in the configuration files, they are stored in plain and clear text for anyone to get. They should be encrypted

Comments

Comment by Carol Sanders [ 02/Jun/15 ]

After YANGTOOLS-418 is resolved credentials can be stored in a password yang type (TBD) which would be encrypted on disk.

Comment by Robert Varga [ 02/Jun/15 ]

Well, that will make it a keystore. I think this will need a YANG model to make it usable with NETCONF/RESTCONF accessing (and setting) this data.

Comment by Tomas Cere [ 13/Oct/17 ]

cfg subsystem is deprecated so the config files will stay, how they are.
The datastore configuration can already be set to be encrypted by the user and will be further improved as a part of 9261

Generated at Wed Feb 07 20:13:57 UTC 2024 using Jira 8.20.10#820010-sha1:ace47f9899e9ee25d7157d59aa17ab06aee30d3d.

[NETCONF-17] Device Credentials are in plain text in the config files Created: 10/Feb/15 Updated: 15/Mar/19 Resolved: 13/Oct/17