Set pre-encrypted passwords for users

Cristian Ionescu-Idbohrn cristian.ionescu-idbohrn at axis.com
Wed Mar 31 18:54:49 CEST 2010


On Wed, 31 Mar 2010, Axel Freyn wrote:

> Hi Cristian,

Axel,

> Is that really a problem, if the ENCRYPTED password can be read?

IMHO, yes.

> For sure, one reason for /etc/shadow is to prevent exactly that, but
> during a FAI-installation, I see much more serious security concerns
> (well: if you don't trust the network during the installations...):

[snip]

Trre.  Things you point out are valid.  Still...

If one can do it right (with very little extra effort) from the beginning,
why not do it?  Especially when the "solution" is distributed to a
relatively large audience.  It may also serve as a proper example (cut &
paste is a wide spread programming "method").  If the wheel is already
invented, what's the gain in ignoring that fact?


Cheers,

-- 
Cristian


More information about the linux-fai mailing list