diff options
| author | John Southworth <john.southworth@vyatta.com> | 2012-09-25 10:12:31 -0700 |
|---|---|---|
| committer | John Southworth <john.southworth@vyatta.com> | 2012-09-25 10:12:31 -0700 |
| commit | 0aabbfdb8bf8b51eb774f385f1ec8da0c599a2b4 (patch) | |
| tree | 882930678d01dd79e8d40e88cb65836c3e0c8067 | |
| parent | 45e1f9d764d47546df52a78abff7bb8642a5d4a0 (diff) | |
| download | vyatta-cfg-system-0aabbfdb8bf8b51eb774f385f1ec8da0c599a2b4.tar.gz vyatta-cfg-system-0aabbfdb8bf8b51eb774f385f1ec8da0c599a2b4.zip | |
Bugfix 8290: Detect original unsalted password
| -rwxr-xr-x | scripts/vyatta-first-login-passwd.sh | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/scripts/vyatta-first-login-passwd.sh b/scripts/vyatta-first-login-passwd.sh index d75e5c0c..467eff4b 100755 --- a/scripts/vyatta-first-login-passwd.sh +++ b/scripts/vyatta-first-login-passwd.sh @@ -95,7 +95,15 @@ for user in $($API listEffectiveNodes system login user); do user=${user//\'/} epwd=$(show system login user $user authentication encrypted-password) epwd=$(awk '{ print $2 }' <<<$epwd) + # check for old unsalted default password string. + if [[ $epwd == '$1$$Ht7gBYnxI1xCdO/JOnodh.' ]]; then + change_password $user + continue + fi salt=$(awk 'BEGIN{ FS="$" }; { print $3 }' <<<$epwd) + if [[ $salt == '' ]];then + continue + fi vyatta_epwd=$(mkpasswd -H md5 -S $salt vyatta) if [[ $epwd == $vyatta_epwd ]]; then change_password $user |