Joe Linoff wrote:
So I ran:
% openssl passwd -1 'testit' <value>and cut-n-pasted the<value> to the "default_password_crypted:" field in /etc/cobbler/settings and updated everything:
Doing better than I did then - I could never get this to work with my CentOS 5.5 cobbler server - anytime I tried it cobbler came back complaining that the resulting kickstart was corrupt/invalid. In the end I generate the password with grub-md5-crypt and that seemed to work fine (well, I've done about a dozen test installs since with no problems. :D
What does the default_password_crypted field do?
As the comments in the settings file says, this field contains the encrypted password that'll be assigned to root for your newly provisioned systems. And the comments also warn you that if don't change this then you'll get a warning from the 'check' command - which I thought was a nice touch.
HTH, Bob Cross.
Hi Bob:
Thank you for clearing up my confusion about the difference between the password for the web interface and the clients.
Also, thank you for the tip about grub-md5-crypt. I wasn't aware that I could use that program as well.
Best regards,
Joe
From: Robert Cross [mailto:r_l_cross@dechro.co.uk] Sent: Thursday, January 27, 2011 5:59 AM To: Joe Linoff; cobbler@lists.fedorahosted.org Subject: Re: What does the default_password_crypted field do?
Joe Linoff wrote:
So I ran:
% openssl passwd -1 'testit' <value>
and cut-n-pasted the <value> to the "default_password_crypted:" field in /etc/cobbler/settings and updated everything: Doing better than I did then - I could never get this to work with my CentOS 5.5 cobbler server - anytime I tried it cobbler came back complaining that the resulting kickstart was corrupt/invalid. In the end I generate the password with grub-md5-crypt and that seemed to work fine (well, I've done about a dozen test installs since with no problems. :D
What does the default_password_crypted field do?
As the comments in the settings file says, this field contains the encrypted password that'll be assigned to root for your newly provisioned systems. And the comments also warn you that if don't change this then you'll get a warning from the 'check' command - which I thought was a nice touch.
HTH, Bob Cross.
I guess along with this topic - I was looking for a way to globally set a default grub/bootloader password within the cobbler settings file. Can this be done - or is this more of a feature enhancement?
Thanks, -Tim
--- On Thu, 1/27/11, Joe Linoff jlinoff@tabula.com wrote:
From: Joe Linoff jlinoff@tabula.com Subject: RE: What does the default_password_crypted field do? To: "Robert Cross" r_l_cross@dechro.co.uk, cobbler@lists.fedorahosted.org Date: Thursday, January 27, 2011, 12:51 PM
Hi Bob:
Thank you for clearing up my confusion about the difference between the password for the web interface and the clients.
Also, thank you for the tip about grub-md5-crypt. I wasn't aware that I could use that program as well.
Best regards,
Joe
From: Robert Cross [mailto:r_l_cross@dechro.co.uk] Sent: Thursday, January 27, 2011 5:59 AM To: Joe Linoff; cobbler@lists.fedorahosted.org Subject: Re: What does the default_password_crypted field do?
Joe Linoff wrote:
So I ran:
% openssl passwd -1 'testit' <value>
and cut-n-pasted the <value> to the "default_password_crypted:" field in /etc/cobbler/settings and updated everything: Doing better than I did then - I could never get this to work with my CentOS 5.5 cobbler server - anytime I tried it cobbler came back complaining that the resulting kickstart was corrupt/invalid. In the end I generate the password with grub-md5-crypt and that seemed to work fine (well, I've done about a dozen test installs since with no problems. :D
What does the default_password_crypted field do?
As the comments in the settings file says, this field contains the encrypted password that'll be assigned to root for your newly provisioned systems. And the comments also warn you that if don't change this then you'll get a warning from the 'check' command - which I thought was a nice touch.
HTH, Bob Cross. _______________________________________________ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
On Fri, 28 Jan 2011 13:20:31 -0800 (PST), Tim Tass tptass@yahoo.com wrote:
I guess along with this topic - I was looking for a way to globally set a default grub/bootloader password within the cobbler settings file. Can this be done - or is this more of a feature enhancement?
To have it in the cobbler settings file, I believe that would be an enhancement. You might be able to do via the default ksmeta options though, but I'd have to look at that to know for sure.
Thanks I'll take a look and if not I'll look into adding it into the source. If I make a change do I just submit the diff to the development forum?
On Jan 28, 2011, at 4:40 PM, Scott Henson shenson@redhat.com wrote:
On Fri, 28 Jan 2011 13:20:31 -0800 (PST), Tim Tass tptass@yahoo.com wrote:
I guess along with this topic - I was looking for a way to globally set a default grub/bootloader password within the cobbler settings file. Can this be done - or is this more of a feature enhancement?
To have it in the cobbler settings file, I believe that would be an enhancement. You might be able to do via the default ksmeta options though, but I'd have to look at that to know for sure.
-- Scott Henson Red Hat CIS Operator WVU Alum BSAE/BSME
To have it in the cobbler settings file, I believe that would be an enhancement. You might be able to do via the default ksmeta options though, but I'd have to look at that to know for sure.
Yeah, at our site we have a grub_password in the ksmeta, like so -
cobbler profile edit --name=Fedora12-x86_64 --ksmeta='grub_password="$1$JUnkSAlt$OEQRO!U#@RHO#Rhu@#RU."'
And in the kickstart file:
bootloader --location=mbr --md5pass=$grub_password
It's important to get the quoting right for the ksmeta when changing the grub password from a command line, because of the $ signs. If you get it wrong, your kickstart ends up saying --md5pass=$!U. or some such, and then your grub is far more secure than you bargained for :)
Hi Tim,
On 28 January 2011 21:20, Tim Tass tptass@yahoo.com wrote:
I guess along with this topic - I was looking for a way to globally set a default grub/bootloader password within the cobbler settings file. Can this be done - or is this more of a feature enhancement?
Thanks, -Tim
I believe you need to use the kickstart directive:
bootloader --password=
The bootloader directive should be in the kickstart file already - it is a compulsory directive as far as I know.
HTH
Dylan
cobbler@lists.fedorahosted.org
-
Dylan Swift -
Jennings, Jared L CTR USAF AFMC 46 SK/CCI -
Joe Linoff -
Robert Cross -
Scott Henson -
Tim Tass