diff options
| author | Alex Harpin <development@landsofshadow.co.uk> | 2014-10-16 21:03:07 +0100 |
|---|---|---|
| committer | Alex Harpin <development@landsofshadow.co.uk> | 2014-10-16 21:03:07 +0100 |
| commit | c260e6a6566a7a2ae39242716ed90eba466143ec (patch) | |
| tree | 09ae797f6e14a062775ee9e3eb5259793175c128 | |
| parent | 8932d8f180139828c016244d77a30691ef5277a0 (diff) | |
| download | vyatta-cfg-system-c260e6a6566a7a2ae39242716ed90eba466143ec.tar.gz vyatta-cfg-system-c260e6a6566a7a2ae39242716ed90eba466143ec.zip | |
vyatta-cfg-system: set default vyos password hash to sha-512 when reset
In line with Bug #318, set the default vyos user password hash to use
SHA-512 instead of MD5 when recreating the user during a password reset
Bug #355 http://bugzilla.vyos.net/show_bug.cgi?id=355
| -rwxr-xr-x | scripts/standalone_root_pw_reset | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/scripts/standalone_root_pw_reset b/scripts/standalone_root_pw_reset index f3f6c565..d3b9ed2e 100755 --- a/scripts/standalone_root_pw_reset +++ b/scripts/standalone_root_pw_reset @@ -28,7 +28,7 @@ ADMIN=vyos set_encrypted_password() { sed -i \ - -e "/ user $1 {/,/}/s/encrypted-password .*\$/encrypted-password \"$2\"/" $3 + -e "/ user $1 {/,/}/s/encrypted-password .*\$/encrypted-password $2/" $3 } @@ -54,7 +54,7 @@ change_password() { # set the password for the user then store it in the config # so the user is recreated on the next full system boot. - local epwd=$(mkpasswd -H md5 "$pwd1") + local epwd=$(mkpasswd --method=sha-512 "$pwd1") # escape any slashes in resulting password local eepwd=$(sed 's:/:\\/:g' <<< $epwd) set_encrypted_password $user $eepwd $CF @@ -150,7 +150,7 @@ then sed -i -e "/ login {/a\\ user $ADMIN {\\ authentication {\\ - encrypted-password \"$1$4XHPj9eT$G3ww9B/pYDLSXC8YVvazP0\"\\ + encrypted-password \$6$IhbXHdwgYkLnt/$VRIsIN5c2f2v4L2l4F9WPDrRDEtWXzH75yBswmWGERAdX7oBxmq6m.sWON6pO6mi6mrVgYBxdVrFcCP5bI.nt.\\ plaintext-password \"\"\\ }\\ level admin\\ |