[lxc-devel] root and ubuntu pass

Michael H. Warfield mhw at WittsEnd.com
Thu Apr 17 17:27:07 UTC 2014


On Thu, 2014-04-17 at 14:07 +0200, Ducos Laurent wrote:
> Hello 
> Is it possible to secure the password generated by debian and ubuntu
> templates like this ?
>         password=$(apg -a 0 -M ncl -n 1 -x 10 -m 8)
>         echo "$user:$password" | chroot $rootfs chpasswd
>         echo "$user password is $password  !"
> root:root or ubuntu:ubuntu by default is very insecure

This has come up before and the CentOS and Fedora templates support
several mechanisms for generating random or patterned templates and
passing the data through the environment.

Another idea would be to pass the password hash and use "setpasswd -e"
to install it.  Then you don't have the clear text password laying
around.
> 
> -- 
> Laurent Ducos
> Administrateur système et réseaux
> laurent.ducos at biblibre.com
> 09 74 77 07 16

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20140417/30df0e57/attachment.sig>


More information about the lxc-devel mailing list