FYI: work on passwd preseeding

To: debian-boot@lists.debian.org
Subject: FYI: work on passwd preseeding
From: Christian Perrier <bubulle@debian.org>
Date: Thu, 6 Oct 2005 06:57:34 +0200
Message-id: <[🔎] 20051006045734.GK18787@djedefre.onera>

For the D-I team information: 

I'm actually working on bugs #275343, #304343 and #304352 for passwd,
all tagged "d-i" because they deal with the "reconfigure" code of
passwd, mainly used when called in base-config.

All these deal with the root password preseeding possibilities. They
were request to allow preseeding a MD5 hash for the root password
and/or allow preseeding a disabled password for root.

I'm perfectly aware that preseeding a MD5 hash is not security-proof,
but actually no less than preseeding a clear-text password which is
the only method we propose..:-)

Dealing with this turns out to be surprisingly easy...even for me..

This should introduce two new debconf variables:
root-password-hash
user-password-hash

The goal is that values found there will be used as a MD5 hash passed
to chpasswd in passwd.config.

Using "*" as "hash" would then preseed....a disabled password for root
as requested by Holger in #304343.

This will for sure need changes in the installation manual, especially
the preseed example. Of course, this will have to be done only when
the modified passwd package will have reached testing.

--

Reply to:

Prev by Date: Processing of debian-installer_20051005_i386.changes
Next by Date: First time debian install
Previous by thread: Processing of debian-installer_20051005_i386.changes
Next by thread: First time debian install
Index(es):
- Date
- Thread