Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
399
Views
5
Helpful
2
Replies

AES256CFB128 keys passed in as env var

topgunkebab99
Level 1
Level 1

ā€Ž08-16-2022 06:15 AM

Hi,

I'm trying to run the docker version of NSO in Kubernetes and was hoping to pass in the AES256CFB128_KEY value via something like an env var sourced from a secret instead of hard coding into a file. Was wondering if this is possible as after initial attempts it doesn't seem to be working for me (unable to login to devices after container reboot as passwords are scrambled) so was wondering if I'm missing something.  When I just mount the ncs.crypto_keys file it works fine but ideally would like some way of doing it so that is not stored in git.

Thanks!

Jon.

 

Labels:
0 Helpful
2 Replies 2

snovello
Cisco Employee
Cisco Employee

ā€Ž08-18-2022 03:11 AM

Hi
there is this project
https://gitlab.com/nso-developer/nso-secrets-in-vault/
to solve this issue using vault to store the keys. I know it is not exactly the approach you mentioned.

topgunkebab99
Level 1
Level 1
In response to snovello

ā€Ž08-22-2022 03:44 AM

Thanks I will check this out!

Jon.

0 Helpful
Customers Also Viewed These Support Documents