[
https://issues.apache.org/jira/browse/GUACAMOLE-1797?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17728419#comment-17728419
]
Mike Jumper commented on GUACAMOLE-1797:
----------------------------------------
There is already base vault support present from GUACAMOLE-641. Providing our
own, basic, disk-based vault implementation could make sense - it would allow
the user of Docker secrets and similar solutions.
> Support storage of secrets on disk
> ----------------------------------
>
> Key: GUACAMOLE-1797
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1797
> Project: Guacamole
> Issue Type: New Feature
> Components: guacamole-vault
> Reporter: bendemctl
> Priority: Trivial
>
> We are currently setting up guacamole here and I just realised that the
> connection credentials are stored in plain text in the database. Would it be
> possible to allow providing a path to the private key on disk (just like
> ssh_known_hosts) instead of storing it in the database?
> This would allow us to create new connection without requiring access to the
> private key (just have to known where it's at). It would also allow us to
> rotate the key directly on the server without having to mess with database
> updates.
> We also considered GUACAMOLE-426.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
