Project

General

Profile

Feature #5585

Support non-md5 root password

Added by Vincent Brillault over 5 years ago. Updated almost 5 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

When adding a root password in a hostgroup, Foreman automagically add a salt and hashes it using the md5 algorithm.

Could it be possible to support other, more recent, algorithms, for example SHA-256 or SHA-512 and even blowfish where it is implemented?

I do not know the code, but a simple grep seems to indicate that the following code is responsible for this:
(https://github.com/theforeman/foreman/blob/develop/app/models/concerns/host_common.rb#L108)
self.root_pass = root_pass.empty? ? nil : (root_pass.starts_with?('$') ? root_pass : root_pass.crypt("$1$#{SecureRandom.base64(6)}"))

The '1' in the "$1$" here is problematic.
Could it be changed to a configuration option (with '1' used by default) ?

Thanks in advance,
Vincent

PS: during my greping, I found another part using the root password:
(https://github.com/theforeman/foreman/blob/develop/app/helpers/unattended_helper.rb#L9)
def grub_pass
@grub ? "--md5pass=#{@host.root_pass}": ""
end
This is likely to break if root_pass is not a md5 password.


Related issues

Is duplicate of Foreman - Feature #2127: Support newer hash schemes for root passwordsClosed2013-01-15

History

#1 Updated by Dominic Cleal over 5 years ago

  • Is duplicate of Feature #2127: Support newer hash schemes for root passwords added

#2 Updated by Dominic Cleal over 5 years ago

  • Status changed from New to Duplicate

Thanks for the report, we're tracking this under #2127 (it's high up on our backlog too I think).

#3 Updated by Vincent Brillault over 5 years ago

Sorry, I missed this one (I searched for root password, but did not find it).
Thanks.

#4 Updated by The Foreman Bot almost 5 years ago

  • Target version set to 1.7.4
  • Pull request https://github.com/theforeman/foreman/pull/1736 added

#5 Updated by Dominic Cleal almost 5 years ago

  • Target version deleted (1.7.4)
  • Pull request added
  • Pull request deleted (https://github.com/theforeman/foreman/pull/1736)

Also available in: Atom PDF