Re: [Patch] Assign password (encrypted) from boot parameters
On Thu, Oct 02, 2008 at 02:40:25PM -0400, bob wrote:
> On Thu, Oct 02, 2008 at 11:47:51PM +0800, Steven Shiau wrote:
> > Hi,
> > I modified live-initramfs so that we can assign password (encrypted) for
> > the default account "user" in boot parameters.
> > I am not sure this is a good idea or not, but I found it's really useful
> > when you want to put a remote machine with ssh service on.
> > To use it:
> > 1. echo "YOUR_PASSWORD" | mkpasswd -s
> > say, it shows "1zShsShaiZumc"
> > 2. put "usercrypted=1zShsShaiZumc" in boot parameters.
> The boot parameters are visible to all users. Would the system be
> vulnerable to another user seeing this parameter and running
> something like John the ripper?
A good password combined with a strong enough hashing algorithm will
make you safe. John the Ripper uses a dictionarry attack.
(Does Debian still default to crypt?)