Project

General

Profile

Actions

Bug #3241

closed

Default password is not set properly for Red Hats

Added by Lukas Zapletal about 11 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
High
Assignee:
-
Category:
Web Interface
Target version:
Difficulty:
easy
Triaged:
Fixed in Releases:
Found in Releases:

Description

Steps to reproduce:

1. Install foreman
1. Change default encrypted password in settings to something else like "abcdefg"
1. Provision a RHEL 6.4 host using default kickstart template
1. Do not set any password in the New Host page, make sure it is blank in the form
1. Try to login with "abcdefg"

Does not work. Spoof kickstart and note this:

rootpw --iscrypted dog8code

It looks like we should encrypt the password when saving it into the settings. In the settings table it is stored in cleartext, the host record is set to nil.

Setting to higher priority as new users will hit this.

Actions

Also available in: Atom PDF