[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Patch] Assign password (encrypted) from boot parameters

On Thu, Oct 02, 2008 at 02:40:25PM -0400, bob wrote:
> On Thu, Oct 02, 2008 at 11:47:51PM +0800, Steven Shiau wrote:
> > Hi,
> > I modified live-initramfs so that we can assign password (encrypted) for
> > the default account "user" in boot parameters.
> > I am not sure this is a good idea or not, but I found it's really useful
> > when you want to put a remote machine with ssh service on.
> > To use it:
> > 1.  echo "YOUR_PASSWORD" | mkpasswd -s
> >      say, it shows "1zShsShaiZumc"
> > 2.  put "usercrypted=1zShsShaiZumc" in boot parameters.
> > 
> The boot parameters are visible to all users. Would the system be 
> vulnerable to another user seeing this parameter and running 
> something like John the ripper?

A good password combined with a strong enough hashing algorithm will
make you safe. John the Ripper uses a dictionarry attack.

(Does Debian still default to crypt?)

               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen@xorcom.com
+972-50-7952406           mailto:tzafrir.cohen@xorcom.com
http://www.xorcom.com  iax:guest@local.xorcom.com/tzafrir

Reply to: