Michael DeHaan wrote:
Harry Hoffman wrote:
> root password hash is a bad idea! cobbler doesn't really protect those
> directories and if the errant badguy would able to download the hash
> they might be able to get the password through rainbow tables or brute
> force.
>
> what we do for our local users is use apg to create a default new
> password. We drop the plaintext version of this in their homedir and
> ensure it's chmod 600 chown user.user
>
We could perhaps generate one on an install by install basis (using the
magic of Cheetah), but we also then need to store that in cobbler in a
way that is retrievable by the admin so they can know it if they need to
log in. Cobbler's storage is read-only for this, so that is suboptimal.
mysql-server spits out the notice when the service starts, maybe that's
a way to give notice.
Kind regards,
Jeroen van Meeuwen
-kanarip