Created
April 25, 2017 20:27
-
-
Save lbragstad/4dfa5924ae3be86ab4ded3d631675159 to your computer and use it in GitHub Desktop.
Fernet key rotation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ keystone-manage fernet_rotate | |
| 2528 INFO keystone.token.providers.fernet.utils [-] Starting key rotation with 2 key files: ['/etc/keystone/fernet-keys/0', '/etc/keystone/fernet-keys/1'] | |
| 2528 INFO keystone.token.providers.fernet.utils [-] Current primary key is: 1 | |
| 2528 INFO keystone.token.providers.fernet.utils [-] Next primary key will be: 2 | |
| 2528 INFO keystone.token.providers.fernet.utils [-] Promoted key 0 to be the primary: 2 | |
| 2528 INFO keystone.token.providers.fernet.utils [-] Created a new key: /etc/keystone/fernet-keys/0 | |
| 2528 INFO keystone.token.providers.fernet.utils [-] Excess keys to purge: [] | |
| $ ls /etc/keystone/fernet-keys/ | |
| 0 1 2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ keystone-manage fernet_rotate | |
| 2698 INFO keystone.token.providers.fernet.utils [-] Starting key rotation with 3 key files: ['/etc/keystone/fernet-keys/0', '/etc/keystone/fernet-keys/1', '/etc/keystone/fernet-keys/2'] | |
| 2698 INFO keystone.token.providers.fernet.utils [-] Current primary key is: 2 | |
| 2698 INFO keystone.token.providers.fernet.utils [-] Next primary key will be: 3 | |
| 2698 INFO keystone.token.providers.fernet.utils [-] Promoted key 0 to be the primary: 3 | |
| 2698 INFO keystone.token.providers.fernet.utils [-] Created a new key: /etc/keystone/fernet-keys/0 | |
| 2698 INFO keystone.token.providers.fernet.utils [-] Excess keys to purge: [1] | |
| $ ls /etc/keystone/fernet-keys/ | |
| 0 2 3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ keystone-manage fernet_setup | |
| 2507 INFO keystone.token.providers.fernet.utils [-] [fernet_tokens] key_repository does not appear to exist; attempting to create it | |
| 2507 INFO keystone.token.providers.fernet.utils [-] Created a new key: /etc/keystone/fernet-keys/0 | |
| 2507 INFO keystone.token.providers.fernet.utils [-] Starting key rotation with 1 key files: ['/etc/keystone/fernet-keys/0'] | |
| 2507 INFO keystone.token.providers.fernet.utils [-] Current primary key is: 0 | |
| 2507 INFO keystone.token.providers.fernet.utils [-] Next primary key will be: 1 | |
| 2507 INFO keystone.token.providers.fernet.utils [-] Promoted key 0 to be the primary: 1 | |
| 2507 INFO keystone.token.providers.fernet.utils [-] Created a new key: /etc/keystone/fernet-keys/0 | |
| 2507 INFO keystone.token.providers.fernet.utils [-] Excess keys to purge: [] | |
| $ ls /etc/keystone/fernet-keys/ | |
| 0 1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment