Re: Reminder: Has anyone /not/ changed the default passwords in your kickstarts?

Harry Hoffman wrote: > root password hash is a bad idea! cobbler doesn't really protect those > directories and if the errant badguy would able to download the hash > they might be able to get the password through rainbow tables or brute > force. > > what we do for our local users is use apg to create a default new > password. We drop the plaintext version of this in their homedir and > ensure it's chmod 600 chown user.user > We could perhaps generate one on an install by install basis (using the magic of Cheetah), but we also then need to store that in cobbler in a way that is retrievable by the admin so they can know it if they need to log in. Cobbler's storage is read-only for this, so that is suboptimal.