Security

IBM Cloud Manager with OpenStack offers security options such as secure sockets layer (SSL), Lightweight Directory Access Protocol (LDAP), and user administration. This section provides information on managing passwords that are associated with the security options.

Passwords

IBM Cloud Manager with OpenStack uses keys to encrypt and decrypt passwords and other sensitive information. If using IBM Cloud Manager - Self Service, there is a protected file named cfs.keystore that stores the randomly-generated Data Encryption Standard (DES) key that IBM Cloud Manager with OpenStack uses.

When you deploy a topology for IBM Cloud Manager with OpenStack, the /root/openrc file contains the OpenStack administrator user name and password. Ensure that you protect this password by maintaining it with root owner and group, along with permissions set to 600, which are the default settings. When you perform a backup, ensure that you encrypt the backup of /root/openrc, or exclude it from the backup.

The following list provides links to various sections in this document that describe default passwords and places where passwords are entered and stored in IBM Cloud Manager with OpenStack.