Bug 600765

Summary: sshd is running during kickstart install and there is no root password
Product: Red Hat Enterprise Linux 6 Reporter: François Cami <contribs>
Component: anacondaAssignee: Anaconda Maintenance Team <anaconda-maint-list>
Status: CLOSED DUPLICATE QA Contact: Release Test Team <release-test-team-automation>
Severity: high Docs Contact:
Priority: high    
Version: 6.0CC: contribs, ddumas, drjohnson1, security-response-team
Target Milestone: betaKeywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 600768 (view as bug list) Environment:
Last Closed: 2010-06-06 14:23:12 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
kickstart to host to a server. replace "ksserver.example.com" by something appropriate for your network. none

Description François Cami 2010-06-05 22:46:27 UTC 
Created attachment 421509 [details]
kickstart to host to a server. replace "ksserver.example.com" by something appropriate for your network.

Description of problem:
When doing a kickstart install, sshd is running and there is no root password, allowing unauthorized entry to the system during installation.

Version-Release number of selected component (if applicable):
Packages from RHEL 6 Beta x86_64 (DVD iso, 04/14/2010)

How reproducible:
Always

Steps to Reproduce:
0. Copy the DVD content to a ftp server (ksserver.example.com)
1. Host an appropriate kickstart file (see attachment) via http on the same host
2. Create a KVM virtual machine and boot it from the RHEL6b DVD iso, add ks=http://ksserver.example.com/ks.filename to the installer CLI
4. When the installer has reached the package install stage, send CTRL+ALT+F2 to the VM and run ifconfig to get the VM's IP (vmIP)
5. Use a terminal on another host to run:
 $ ssh root@vmIP
  
Actual results:
$ ssh root.1.112
The authenticity of host '192.168.1.112 (192.168.1.112)' can't be established.
RSA key fingerprint is 5e:c9:75:7d:8b:4e:78:7c:79:bf:1d:98:ed:69:d9:ce.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.112' (RSA) to the list of known hosts.
-bash-4.1#

Expected results:
Connection refused or a password prompt?

Additional info:
Dennis Johnson found that bug on Fedora 13.
Comment 2 Chris Lumens 2010-06-06 01:03:05 UTC 
No need to CC me.  I watch anaconda-maint-list.
Comment 3 Tomas Hoger 2010-06-06 14:23:12 UTC 

*** This bug has been marked as a duplicate of bug 585160 ***