Stop logging sensitive login information

usernames and passwords must never be logged
by the service, even in debug mode.

Change-Id: I8eda1c849d0d1916345959178f32756e8a1e9c0e
Closes-Bug: #1976370
Signed-off-by: Goutham Pacha Ravi <gouthampravi@gmail.com>
(cherry picked from commit 517966292a)
(cherry picked from commit 48f4bf6a16)

manila/utils.py

@@ -126,14 +126,10 @@ class SSHPool(pools.Pool):
         elif self.password:
             look_for_keys = False
         try:
-            LOG.debug("ssh.connect: ip: %s, port: %s, username: %s, "
-                      "password: %s, key_filename: %s, look_for_keys: %s, "
+            LOG.debug("ssh.connect: ip: %s, port: %s, look_for_keys: %s, "
                       "timeout: %s, banner_timeout: %s",
                       self.ip,
                       self.port,
-                      self.login,
-                      self.password,
-                      self.path_to_private_key,
                       look_for_keys,
                       self.conn_timeout,
                       self.conn_timeout)

releasenotes/notes/bug-1976370-stop-logging-login-information-b726d05ee805df27.yaml

@@ -0,0 +1,5 @@
+---
+security:
+  - |
+    The SSH utility module no longer logs usernames and passwords as
+    debug information.