Bug 1034689

Summary: RFE: Do not check the complexity of root password
Product: [Retired] Beaker Reporter: Patrik Kis <pkis>
Component: web UIAssignee: beaker-dev-list
Status: CLOSED WONTFIX QA Contact: tools-bugs <tools-bugs>
Severity: medium Docs Contact:
Priority: unspecified    
Version: developCC: aigao, asaha, bpeck, dcallagh, llim, qwan, rmancy
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-12-13 04:54:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Patrik Kis 2013-11-26 10:56:15 UTC 
Description of problem:
What is the point to force the users to set up complex root password for their machines in Preferences when the password can be seem by anybody in public console log file if it is used in console.

Version-Release number of selected component (if applicable):
Version - 0.14.2
Comment 2 Bill Peck 2013-11-26 13:10:53 UTC 
I think it still makes sense.  the root password on console is only an issue on s390 systems.  And even so, it still prevents root kits from  getting in and using our internal systems.
Comment 3 Dan Callaghan 2013-12-13 04:54:55 UTC 
The password complexity enforcement was a requirement from Red Hat's internal Information Security team. If you find the root password inconvenient I recommend you set a public SSH key in Beaker and use that instead.

Also note that the Beaker preferences page will accept a pre-crypted password, which you can generate using `openssl passwd -1`. In that case Beaker does not have access to the cleartext password so it cannot apply complexity checks (it assumes the users has chosen a strong password).