Ashley Penney wrote:
Is this really a big problem? I assume most people using cobbler
either have a post-configuration tool (like us), or immediately jump
in to configure the server. It doesn't really seem like cobbler
should concern itself too heavily with security, people shouldn't be
building on public networks with ssh over root enabled by default. I
don't plan to change away from the default of 'cobbler' because puppet
kicks in within a few minutes to set it to something else.
Yet you have a window. It's much better to install it correctly than
depend on Puppet to fix it.
--Michael
On Thu, Oct 16, 2008 at 11:56 AM, Michael DeHaan
<mdehaan(a)redhat.com> wrote:
> As you are probably aware the sample kickstarts contain a default
> password of "cobbler".
>
> Cobbler check will warn you if any kickstarts use this password.
>
> # "cobbler check"
>
> If you have any kickstarts using this password, you should change them.
> If you have any systems that might be using those passwords already
> installed, you should change them.
>
> A future idea for /usr/bin/cobbler setup is probably to ask the user
> what they want the default password for the sample kickstarts to be and
> then add that to the sample kickstarts.
>
> --Michael
> _______________________________________________
> cobbler mailing list
> cobbler(a)lists.fedorahosted.org
>
https://fedorahosted.org/mailman/listinfo/cobbler
>
>
_______________________________________________
cobbler mailing list
cobbler(a)lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/cobbler