From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.5) Gecko/20011012 Description of problem: The following doesn't work in a standard ks.cfg file... rootpw --iscrypted '$1$XqNeDUb9$uJFxmfG2znreuiu1XyWho/' What I get instead is some (apparently non md5) random password instead in /etc/shadow. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.create a kickstart file with a md5 encrypted rootpw 2.install, an reboot 3.try to log in with the original cleartext form of you encrypted password. Actual Results: Can't log in. Need to reboot in single user mode to obtain root priviledges and then issue a manual passwd command to reset the password. Expected Results: Expected to log in using known password Additional info:
Hmm...this worked in my testing...I'll take another look at it.
This still works for me...I just did an install and things worked fine. Can you attach your kickstart file?
Created attachment 36472 [details] sample ks.cfg file that doesn't set rootpw to "t3stm3"
The encrypted text in the previous attachment was obtained by doing "passwd" as root on a different box and then copying the contents from /etc/shadow on that box. The password I specified is "t3stm3" (excluding the quotes). What got installed on a machine after installing with this ks.cfg file was: root:aBtwyC/9wkybE:11533:0:99999:7::: clearly not the root:$1$Gs5S2B7M$GCGia9bw4I8oGS9SekoRc.:11533:0:99999:7::: that I intended. I have also made the assumption that maybe the kickstart expands variables and I have tried enclosing the password in single quotes but this did not help. Also it appears that the password that did get installed (whatever that is) is not an md5 format password; it doesn't seem long enough or start with $x$.
This kickstart file says that it was generated by anaconda...not ksconfig. Is that correct?
Doh! sorry about that. Actually it was generated by anaconda but I pretty much hand edited the whole thing. So I suggest that only thing left from anaconda was the comment lines.
So, I'm trying to figure out what generated the rootpw line in the kickstart file. Was it generated by anaconda or ksconfig? Or something else?
I generated the password by doing... useradd user passwd user <enter the desired password twice> now I cut and paste the md5 password from /etc/shadow into the config file. Yes this seems very kludgy but I can't find any documentation that describes how I'm suppose to manually generate a valid md5 password. The manuals describe "--iscrypted" but don't describe how you can generate a valid parameter for it. The above procedure worked in RH7.1. I assumed it would work in 7.2. Further... How come after I kickstart a machine the entry in /etc/shadow is *totally* different from what I specified. I would think that if I specified "--iscrypted blahblahblah" then "blahblahblah" should be in /etc/shadow.
Use ksconfig. Click the box for "Encrypt root password" and enter a root password. Then click "Save File" to preview the kickstart file. Cut and paste the "rootpw" line into your existing kickstart file. Does that work?
Closing due to inactivity. Please reopen if you have more information.