[lxc-devel] root and ubuntu pass
Serge Hallyn
serge.hallyn at ubuntu.com
Thu Apr 17 17:30:45 UTC 2014
Quoting Michael H. Warfield (mhw at WittsEnd.com):
> On Thu, 2014-04-17 at 14:07 +0200, Ducos Laurent wrote:
> > Hello
> > Is it possible to secure the password generated by debian and ubuntu
> > templates like this ?
> > password=$(apg -a 0 -M ncl -n 1 -x 10 -m 8)
> > echo "$user:$password" | chroot $rootfs chpasswd
> > echo "$user password is $password !"
> > root:root or ubuntu:ubuntu by default is very insecure
>
> This has come up before and the CentOS and Fedora templates support
> several mechanisms for generating random or patterned templates and
> passing the data through the environment.
>
> Another idea would be to pass the password hash and use "setpasswd -e"
Yeah that was my thought. Seems like the way to go.
> to install it. Then you don't have the clear text password laying
> around.
> >
> > --
> > Laurent Ducos
> > Administrateur système et réseaux
> > laurent.ducos at biblibre.com
> > 09 74 77 07 16
>
> Regards,
> Mike
> --
> Michael H. Warfield (AI4NB) | (770) 978-7061 | mhw at WittsEnd.com
> /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
More information about the lxc-devel
mailing list