| #Licensed to the Apache Software Foundation (ASF) under one |
| #or more contributor license agreements. See the NOTICE file |
| #distributed with this work for additional information |
| #regarding copyright ownership. The ASF licenses this file |
| #to you under the Apache License, Version 2.0 (the |
| #"License"); you may not use this file except in compliance |
| #with the License. You may obtain a copy of the License at |
| #http://www.apache.org/licenses/LICENSE-2.0 |
| #Unless required by applicable law or agreed to in writing, |
| #software distributed under the License is distributed on an |
| #"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| #KIND, either express or implied. See the License for the |
| #specific language governing permissions and limitations |
| #under the License. |
| msgid "" |
| msgstr "" |
| "Project-Id-Version: 0\n" |
| "POT-Creation-Date: 2013-02-02T20:11:56\n" |
| "PO-Revision-Date: 2013-02-02T20:11:56\n" |
| "Last-Translator: Automatically generated\n" |
| "Language-Team: None\n" |
| "MIME-Version: 1.0\n" |
| "Content-Type: application/x-publican; charset=UTF-8\n" |
| "Content-Transfer-Encoding: 8bit\n" |
| |
| #. Tag: title |
| #, no-c-format |
| msgid "About Password and Key Encryption" |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "&PRODUCT; stores several sensitive passwords and secret keys that are used to provide security. These values are always automatically encrypted:" |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "Database secret key" |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "Database password" |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "SSH keys" |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "Compute node root password" |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "VPN password" |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "User API secret key" |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "VNC password" |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "&PRODUCT; uses the Java Simplified Encryption (JASYPT) library. The data values are encrypted and decrypted using a database secret key, which is stored in one of &PRODUCT;’s internal properties files along with the database password. The other encrypted values listed above, such as SSH keys, are in the &PRODUCT; internal database." |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "Of course, the database secret key itself can not be stored in the open – it must be encrypted. How then does &PRODUCT; read it? A second secret key must be provided from an external source during Management Server startup. This key can be provided in one of two ways: loaded from a file or provided by the &PRODUCT; administrator. The &PRODUCT; database has a new configuration setting that lets it know which of these methods will be used. If the encryption type is set to \"file,\" the key must be in a file in a known location. If the encryption type is set to \"web,\" the administrator runs the utility com.cloud.utils.crypt.EncryptionSecretKeySender, which relays the key to the Management Server over a known port." |
| msgstr "" |
| |
| #. Tag: para |
| #, no-c-format |
| msgid "The encryption type, database secret key, and Management Server secret key are set during &PRODUCT; installation. They are all parameters to the &PRODUCT; database setup script (cloud-setup-databases). The default values are file, password, and password. It is, of course, highly recommended that you change these to more secure keys." |
| msgstr "" |
| |
