Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

operator generate-root -decode: allow passing encoded token via stdin #12882

Closed
davidducros opened this issue Oct 20, 2021 · 1 comment · Fixed by #12881
Closed

operator generate-root -decode: allow passing encoded token via stdin #12882

davidducros opened this issue Oct 20, 2021 · 1 comment · Fixed by #12881
Labels
core/token enhancement

Comments

@davidducros
Copy link
Contributor

Is your feature request related to a problem? Please describe.
In our environment processes and their arguments are logged. Passing both the encoded token and the otp as command line arguments would allow anyone with access to these logs to decode our Vault root token.

Describe the solution you'd like
The solution proposed in #12881 allows passing the encoded token via stdin rather than a command line argument. Passing the otp via stdin was another option but it's used across a few commands.
@davidducros davidducros mentioned this issue Oct 20, 2021
Merged
@ccapurso
Copy link
Contributor

Hi @davidducros, thank you for your submission! I have provided feedback from my review of the referenced pull request.

@ccapurso ccapurso linked a pull request Oct 20, 2021 that will close this issue
operator generate-root -decode: allow token from stdin #12881
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
core/token enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

operator generate-root -decode: allow token from stdin bloomberg/vault
2 participants
@ccapurso @davidducros