F14 AMI passwords
Jan Pazdziora
jpazdziora at redhat.com
Fri Nov 19 10:10:51 UTC 2010
On Thu, Nov 18, 2010 at 10:19:51PM -0700, Pete Zaitcev wrote:
> Looking at the /etc/shadow in our official AMI ami-6e3a6a2b, I observed
> that root and ec2-user have passwords. Why are they left in? I suppose
> they do not hurt much, since sshd_config sets PasswordAuthentication
> and PermitRootLogin to no. Still, I'm just curious what they are.
>
> Even better, let's think in reverse: if the creator accidentially
> used a real root password, can I crack any interesting servers by
> cracking the root password and then applying it to bits of Fedora
> infrastructure (I know it's not 3-DES anymore, but still)?
The passwords seem to be reset in /etc/rc.local by an random string.
I was surprised to see the passwords change upon every reboot but
it the found the cause and thought that maybe the AMI authors had good
reason to set it up this way.
--
Jan Pazdziora
Principal Software Engineer, Satellite Engineering, Red Hat
More information about the cloud
mailing list