Staypuft should not ship with a default password in place, because this will invariably lead to someone deploying on globally accessible systems and promptly having everyone in the world logging in just because they can. Staypuft should offer the option of not configuring any root password, and instead should allow one to provision an ssh public key via the web interface. Having both options (password-based and key-based) available keeps security policy under the control of the local administrator.
Marek, Can we prompt for a default password rather than hardcode it to spengler? (We might also consider defacing this field in the settings).
Proposed flow (at configuration):

Configure client authentication
1. SSH pubkey authentication
2. Root Password
3. Done

If 3 when neither 1 or 2 done, then error (or hide it until 1 or 2 is completed).
If choose 1, prompt for ssh pub key (copy/paste).
If choose 2, prompt for root password (blank to disable and lock root account password).
If no root password is set, do passwd -l root in kickstart.
If set, configure it correctly.
If pubkey set, then add it as authorized key in kickstart %post.
User must set one or the other to proceed.
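The flow proposed above, as an added shell example that is not part of this bug thread or of the Staypuft/Foreman code: a function that renders the root-authentication part of a kickstart file from the two inputs the flow collects, refusing to proceed when neither is given, locking root in %post when no password was chosen, and installing the pubkey as an authorized key. The function name, the constructed sample key and the crypted-hash placeholder are assumptions; producing the hash is left to the caller.

```shell
#!/bin/sh
# render_auth_fragment PUBKEY PW_HASH
#   PUBKEY  - an OpenSSH public key line, or empty if none was provided
#   PW_HASH - a crypt(3) hash for rootpw --iscrypted, or empty if none
# Prints the kickstart fragment on stdout; returns 1 if both inputs are empty
# (the "user must set one or the other to proceed" rule from the flow).
render_auth_fragment() {
    pubkey=$1
    pw_hash=$2
    if [ -z "$pubkey" ] && [ -z "$pw_hash" ]; then
        echo "error: an SSH public key or a root password is required" >&2
        return 1
    fi
    # Kickstart command section: only emit rootpw when a password was chosen.
    if [ -n "$pw_hash" ]; then
        echo "rootpw --iscrypted $pw_hash"
    fi
    echo "%post"
    # Blank password: lock the root account password instead of defaulting it.
    if [ -z "$pw_hash" ]; then
        echo "passwd -l root"
    fi
    # Pubkey provided: add it as an authorized key for root with strict modes.
    if [ -n "$pubkey" ]; then
        echo "install -d -m 0700 /root/.ssh"
        echo "echo '$pubkey' >> /root/.ssh/authorized_keys"
        echo "chmod 0600 /root/.ssh/authorized_keys"
    fi
    echo "%end"
}

# Demo with a constructed (not real) key and no password: root gets locked.
render_auth_fragment "ssh-ed25519 AAAAC3constructedkey admin@example" ""
```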
Makes sense to me. I'd also consider adding an option to read the key from a file, and leaving the default for people just testing openstack deployment.
I was not able to disable the password completely. Foreman can't manage a host if it does not have a root password (it won't pass the validation). Therefore I added a password validation to the installer, and we allow setting an ssh key (either by specifying a path or the whole key). This was released in 0.0.21.
The current solution does not seem to address the requested behavior from the bug title and body. Currently:

(A) There is a default password "spengler".
(B) There is a message about the default password: "Please set a default root password for newly provisioned machines. If you choose not to set a password, it will be defaulted to 'spengler'. The password must be a minimum of 8 characters. You can also set a p e deployed to newly provisioned machines."

I would suggest the installer won't offer default passwords and force entering either: ssh-key or password. (In case of choosing ssh-key, the generated password should be randomized.)
(In reply to Omri Hochman from comment #8)
> I would suggest the installer won't offer default passwords and force
> entering either: ssh-key or password. (in case of choosing ssh-key the
> generated password should be randomize)

We can't do a blank password, afaik, due to foreman limitations.
The installer now generates a random password during install and prompts the user to change it during the install process.
Verified
========
rhel-osp-installer-0.1.6-5.el6ost.noarch
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2014-1090.html