On Tue, 2013-12-31 at 10:59 -0500, S.Çağlar Onur wrote:
> Hi Michael,
>
> On Thu, Dec 26, 2013 at 6:08 PM, Michael H. Warfield <m...@wittsend.com>
> wrote:
> > CentOS and Fedora Templates: Harden root passwords and add static MAC
> > network addresses.
> >
> > 1) Add logic to root password setting. Root password is now set to
> > "Root-${name}-${RANDOM} to defeat common brute force scans.
> > 2) Enhance exit messages to explain root password and password changing.
> Not an objection but a question. What about creating the container
> using either quiet parameter or via API? In that case user is unlikely
> to see that output hence won't be able to login the box.
That's a very good question. Certainly, the "chroot ${root_fs} passwd"
trick is going to work in any case. I had considered adding the
temporary root password in the config file in comments but then didn't.
[Snip]
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 978-7061 | m...@wittsend.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
signature.asc
Description: This is a digitally signed message part
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
