Bug 1124853 - rhel-osp installer should not use random password
Summary: rhel-osp installer should not use random password
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: rhel-osp-installer
Version: 5.0 (RHEL 6)
Hardware: Unspecified
OS: Unspecified
low
medium
Target Milestone: ---
: Installer
Assignee: Mike Burns
QA Contact: Omri Hochman
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-30 13:11 UTC by Ofer Blaut
Modified: 2014-10-01 11:32 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-10-01 11:32:11 UTC


Attachments (Terms of Use)

Description Ofer Blaut 2014-07-30 13:11:59 UTC
Description of problem:

rhel-osp installer should not use random password ,
It must suggest user to configure password but not random one.

and the current text message should be changed

Current : 
Please set a default root password for newly provisioned machines. If you choose not to set a password, it will be generated randomly. The password must be a minimum of 8 characters. You can also set a public ssh key which will be deployed to newly provisioned machines.

suggested :
Please set a root password for newly provisioned machines,The password must be a minimum of 8 characters. You can also set a public ssh key which will be deployed to newly provisioned machines. 


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 3 Mike Burns 2014-09-30 15:16:31 UTC
Garth, 

Is this an issue?  Are we ok with a randomly generated password that the user can override?

Comment 4 Garth Mollett 2014-10-01 00:35:11 UTC
I'm fine with randomly generated password or password / ssh key supplied by user.
From a security perspective the  case we must avoid is static/default password or key.

Comment 5 Mike Burns 2014-10-01 11:32:11 UTC
Thanks Garth,

Based on feedback in comment 4, closing this bug since we provide a way for the user to change the password.


Note You need to log in before you can comment on or make changes to this bug.