Re: [zones-discuss] sysidcfg - root password
Thanks, just tested that. :-[ . But if you use an encrytion in a sysidcfg file say jumpstart, all the clients will use that. Interesting. Still doesn't explain why the problematic encryption only has 12 characters, not 13. Mike Edward Pilatowicz wrote: no, it likely wouldn't be the same. the classic unix crypt uses a "salt" to allow for different encodings of the same text string. see: http://en.wikipedia.org/wiki/Crypt_(Unix) ed On Wed, Aug 26, 2009 at 03:00:01PM -0400, Mike Wahlberg wrote: Also I created a root passwd on my Solaris 10 U7 box as abc123, and the encryption from my /etc/shadow is MNY4FaPMbBnRs, not what you supplied. I would think the encryption would be the same. Mike Edward Pilatowicz wrote: are you running opensolaris? if so, i'm guessing that the problem is the format of the hashed password. by default, solaris version <= 10 and nevada use crypt for hashing passwords, but opensolaris uses SHA256. these settings seem to be controlled via /etc/security/policy.conf. just search for string CRYPT_* in that file and read the associated comments. ed On Wed, Aug 26, 2009 at 08:35:19AM -0700, v wrote: Hello, I use sysidcfg to configure my zone. However, during configuration, the root password gives a syntax error. The password I use in the sysidcfg is the encrypted version of abc123. I don't know why it doesn't like it. Let me walk you through my zone creation process. Maybe somebody can tell me what I am doing wrong... (By the way, this is an exclusive IP zone) 1) Install the zone 2) Make the zone ready (zoneadm -z zone1 ready) 3) Copy the below sysidcfg to the root/etc/ directory terminal=vt100 network_interface=primary { dhcp protocol_ipv6=yes } name_service=DNS nfs4_domain=dynamic security_policy=none timezone=US/Eastern system_locale=C root_password=fto/dU8MKwQR 4) Login to the zone (zlogin -C zone1) 5) Open another connection to the global zone 6) Boot zone1 (zoneadm -z zone1 boot) 7) Then, I see the configuration process on the other terminal screen as outlined below. It stops at the root password line and switches over to the interactive configuration [NOTICE: Zone booting up] SunOS Release 5.11 Version snv_111b 32-bit Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Hostname: zone1 Reading ZFS config: done. Mounting ZFS filesystems: (6/6) root_password=fto/dU8MKwQR syntax error line 8 position 15 Creating new rsa public/private host key pair Creating new dsa public/private host key pair Configuring network interface addresses: vnic1 -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org -- Michael Wahlberg OS Collaborator Sun Technology Center Sun Microsystems, Inc. 75 Network Drive Burlington, Mass. 01803 Phone: 781-442-1332 Email michael.wahlb...@sun.com Hours: Monday-Friday 7:30am-4PM EST Manager: joel.fonte...@sun.com -- Michael Wahlberg OS Collaborator Sun Technology Center Sun Microsystems, Inc. 75 Network Drive Burlington, Mass. 01803 Phone: 781-442-1332 Email michael.wahlb...@sun.com Hours: Monday-Friday 7:30am-4PM EST Manager: joel.fonte...@sun.com ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
RESOLVED... The encryption for bosox worked. I guess I should have checked the encryption more carefully. Thanks a lot to everybody for responding... I appreciate everybody's time. -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
no, it likely wouldn't be the same. the classic unix crypt uses a "salt" to allow for different encodings of the same text string. see: http://en.wikipedia.org/wiki/Crypt_(Unix) ed On Wed, Aug 26, 2009 at 03:00:01PM -0400, Mike Wahlberg wrote: > Also I created a root passwd on my Solaris 10 U7 > box as abc123, and the encryption from my /etc/shadow > is MNY4FaPMbBnRs, not what you supplied. I would > think the encryption would be the same. > > Mike > > > Edward Pilatowicz wrote: >> are you running opensolaris? >> >> if so, i'm guessing that the problem is the format of the hashed >> password. by default, solaris version <= 10 and nevada use crypt for >> hashing passwords, but opensolaris uses SHA256. these settings seem to >> be controlled via /etc/security/policy.conf. just search for string >> CRYPT_* in that file and read the associated comments. >> >> ed >> >> On Wed, Aug 26, 2009 at 08:35:19AM -0700, v wrote: >> >>> Hello, >>> >>> I use sysidcfg to configure my zone. However, during configuration, the >>> root password gives a syntax error. The password I use in the sysidcfg is >>> the encrypted version of abc123. I don't know why it doesn't like it. Let >>> me walk you through my zone creation process. Maybe somebody can tell me >>> what I am doing wrong... (By the way, this is an exclusive IP zone) >>> >>> 1) Install the zone >>> 2) Make the zone ready (zoneadm -z zone1 ready) >>> 3) Copy the below sysidcfg to the root/etc/ directory >>> >>> terminal=vt100 >>> network_interface=primary { dhcp protocol_ipv6=yes } >>> name_service=DNS nfs4_domain=dynamic >>> security_policy=none >>> timezone=US/Eastern >>> system_locale=C >>> root_password=fto/dU8MKwQR >>> >>> 4) Login to the zone (zlogin -C zone1) >>> 5) Open another connection to the global zone >>> 6) Boot zone1 (zoneadm -z zone1 boot) >>> 7) Then, I see the configuration process on the other terminal screen as >>> outlined below. It stops at the root password line and switches over to >>> the interactive configuration >>> >>> [NOTICE: Zone booting up] >>> >>> SunOS Release 5.11 Version snv_111b 32-bit >>> Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. >>> Use is subject to license terms. >>> Hostname: zone1 >>> Reading ZFS config: done. >>> Mounting ZFS filesystems: (6/6) >>> root_password=fto/dU8MKwQR >>> syntax error line 8 position 15 >>> Creating new rsa public/private host key pair >>> Creating new dsa public/private host key pair >>> Configuring network interface addresses: vnic1 >>> -- >>> This message posted from opensolaris.org >>> ___ >>> zones-discuss mailing list >>> zones-discuss@opensolaris.org >>> >> ___ >> zones-discuss mailing list >> zones-discuss@opensolaris.org >> > > > -- > Michael Wahlberg > OS Collaborator > Sun Technology Center > Sun Microsystems, Inc. > 75 Network Drive > Burlington, Mass. 01803 Phone: 781-442-1332 Email > michael.wahlb...@sun.com > Hours: Monday-Friday 7:30am-4PM EST > Manager: joel.fonte...@sun.com ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
Also I created a root passwd on my Solaris 10 U7 box as abc123, and the encryption from my /etc/shadow is MNY4FaPMbBnRs, not what you supplied. I would think the encryption would be the same. Mike Edward Pilatowicz wrote: are you running opensolaris? if so, i'm guessing that the problem is the format of the hashed password. by default, solaris version <= 10 and nevada use crypt for hashing passwords, but opensolaris uses SHA256. these settings seem to be controlled via /etc/security/policy.conf. just search for string CRYPT_* in that file and read the associated comments. ed On Wed, Aug 26, 2009 at 08:35:19AM -0700, v wrote: Hello, I use sysidcfg to configure my zone. However, during configuration, the root password gives a syntax error. The password I use in the sysidcfg is the encrypted version of abc123. I don't know why it doesn't like it. Let me walk you through my zone creation process. Maybe somebody can tell me what I am doing wrong... (By the way, this is an exclusive IP zone) 1) Install the zone 2) Make the zone ready (zoneadm -z zone1 ready) 3) Copy the below sysidcfg to the root/etc/ directory terminal=vt100 network_interface=primary { dhcp protocol_ipv6=yes } name_service=DNS nfs4_domain=dynamic security_policy=none timezone=US/Eastern system_locale=C root_password=fto/dU8MKwQR 4) Login to the zone (zlogin -C zone1) 5) Open another connection to the global zone 6) Boot zone1 (zoneadm -z zone1 boot) 7) Then, I see the configuration process on the other terminal screen as outlined below. It stops at the root password line and switches over to the interactive configuration [NOTICE: Zone booting up] SunOS Release 5.11 Version snv_111b 32-bit Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Hostname: zone1 Reading ZFS config: done. Mounting ZFS filesystems: (6/6) root_password=fto/dU8MKwQR syntax error line 8 position 15 Creating new rsa public/private host key pair Creating new dsa public/private host key pair Configuring network interface addresses: vnic1 -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org -- Michael Wahlberg OS Collaborator Sun Technology Center Sun Microsystems, Inc. 75 Network Drive Burlington, Mass. 01803 Phone: 781-442-1332 Email michael.wahlb...@sun.com Hours: Monday-Friday 7:30am-4PM EST Manager: joel.fonte...@sun.com ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
Hi, did you already tried it with another password? regards Bernd v wrote: Hello, I use sysidcfg to configure my zone. However, during configuration, the root password gives a syntax error. The password I use in the sysidcfg is the encrypted version of abc123. I don't know why it doesn't like it. Let me walk you through my zone creation process. Maybe somebody can tell me what I am doing wrong... (By the way, this is an exclusive IP zone) 1) Install the zone 2) Make the zone ready (zoneadm -z zone1 ready) 3) Copy the below sysidcfg to the root/etc/ directory terminal=vt100 network_interface=primary { dhcp protocol_ipv6=yes } name_service=DNS nfs4_domain=dynamic security_policy=none timezone=US/Eastern system_locale=C root_password=fto/dU8MKwQR 4) Login to the zone (zlogin -C zone1) 5) Open another connection to the global zone 6) Boot zone1 (zoneadm -z zone1 boot) 7) Then, I see the configuration process on the other terminal screen as outlined below. It stops at the root password line and switches over to the interactive configuration [NOTICE: Zone booting up] SunOS Release 5.11 Version snv_111b 32-bit Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Hostname: zone1 Reading ZFS config: done. Mounting ZFS filesystems: (6/6) root_password=fto/dU8MKwQR syntax error line 8 position 15 Creating new rsa public/private host key pair Creating new dsa public/private host key pair Configuring network interface addresses: vnic1 -- Bernd Schemmer, Frankfurt am Main, Germany http://bnsmb.de/ M s temprano que tarde el mundo cambiar . Fidel Castro ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
are you running opensolaris? if so, i'm guessing that the problem is the format of the hashed password. by default, solaris version <= 10 and nevada use crypt for hashing passwords, but opensolaris uses SHA256. these settings seem to be controlled via /etc/security/policy.conf. just search for string CRYPT_* in that file and read the associated comments. ed On Wed, Aug 26, 2009 at 08:35:19AM -0700, v wrote: > Hello, > > I use sysidcfg to configure my zone. However, during configuration, the root > password gives a syntax error. The password I use in the sysidcfg is the > encrypted version of abc123. I don't know why it doesn't like it. Let me > walk you through my zone creation process. Maybe somebody can tell me what I > am doing wrong... (By the way, this is an exclusive IP zone) > > 1) Install the zone > 2) Make the zone ready (zoneadm -z zone1 ready) > 3) Copy the below sysidcfg to the root/etc/ directory > > terminal=vt100 > network_interface=primary { dhcp protocol_ipv6=yes } > name_service=DNS > nfs4_domain=dynamic > security_policy=none > timezone=US/Eastern > system_locale=C > root_password=fto/dU8MKwQR > > 4) Login to the zone (zlogin -C zone1) > 5) Open another connection to the global zone > 6) Boot zone1 (zoneadm -z zone1 boot) > 7) Then, I see the configuration process on the other terminal screen as > outlined below. It stops at the root password line and switches over to the > interactive configuration > > [NOTICE: Zone booting up] > > SunOS Release 5.11 Version snv_111b 32-bit > Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. > Use is subject to license terms. > Hostname: zone1 > Reading ZFS config: done. > Mounting ZFS filesystems: (6/6) > root_password=fto/dU8MKwQR > syntax error line 8 position 15 > Creating new rsa public/private host key pair > Creating new dsa public/private host key pair > Configuring network interface addresses: vnic1 > -- > This message posted from opensolaris.org > ___ > zones-discuss mailing list > zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
Your encrypted entry looks strange, and 1 character short. Just as a test, try: h87UkRudhD32k root passwd bosox Mike v wrote: Well, I typed it myself instead of copying and pasting it. It still gives the same error. In the error, it says the error is in position 15, which is the character "f" right after the equal sign. I tried putting quotation marks, but it still didn't like it. -- Michael Wahlberg OS Collaborator Sun Technology Center Sun Microsystems, Inc. 75 Network Drive Burlington, Mass. 01803 Phone: 781-442-1332 Email michael.wahlb...@sun.com Hours: Monday-Friday 7:30am-4PM EST Manager: joel.fonte...@sun.com ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
v wrote: I don't think so... It looks like it works: http://blogs.sun.com/observatory/en_US/entry/zones_and_crossbow1 I would validate with that blogger if that sysidcfg had actually been validated. If you look a little lower in the blog, the sysidcfg file failed to get get consumed by sysidtool when that zone booted: Use is subject to license terms. Hostname: myzone Loading smf(5) service descriptions: 69/69 Reading ZFS config: done. Mounting ZFS filesystems: (5/5) network_interface=myzone0 { myzone0 is not a valid network interface line 3 position 19 Creating new rsa public/private host key pair Upon any syntax error, the entire sysidcfg file is thrown out, so I don't see how the root_password would have even gotten processed by sysidroot. Anyway, for your case, why don't you just replace the encrypted string with some other known good one. -ethan ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
Well, I typed it myself instead of copying and pasting it. It still gives the same error. In the error, it says the error is in position 15, which is the character "f" right after the equal sign. I tried putting quotation marks, but it still didn't like it. -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
I wonder if there is an extra space at the end of the line or some other non visible character. On Wed, Aug 26, 2009 at 1:44 PM, v wrote: > I don't think so... It looks like it works: > http://blogs.sun.com/observatory/en_US/entry/zones_and_crossbow1 > -- > This message posted from opensolaris.org > ___ > zones-discuss mailing list > zones-discuss@opensolaris.org > ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
I don't think so... It looks like it works: http://blogs.sun.com/observatory/en_US/entry/zones_and_crossbow1 -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
v wrote: SunOS Release 5.11 Version snv_111b 32-bit Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Hostname: zone1 Reading ZFS config: done. Mounting ZFS filesystems: (6/6) root_password=fto/dU8MKwQR Is this encrypted string missing a character? syntax error line 8 position 15 Creating new rsa public/private host key pair Creating new dsa public/private host key pair Configuring network interface addresses: vnic1 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
It didn't work. It is still giving the same syntax error... -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
On Wed, Aug 26, 2009 at 10:35 AM, v wrote: > Hello, > > I use sysidcfg to configure my zone. However, during configuration, the root > password gives a syntax error. The password I use in the sysidcfg is the > encrypted version of abc123. I don't know why it doesn't like it. Let me > walk you through my zone creation process. Maybe somebody can tell me what I > am doing wrong... (By the way, this is an exclusive IP zone) > > 1) Install the zone > 2) Make the zone ready (zoneadm -z zone1 ready) > 3) Copy the below sysidcfg to the root/etc/ directory What are the permissions on the sysidcfg file? I think that it needs to be such that it is not readable by non-root users? Try: chown root sysidcfg chmod 400 sysidcfg -- Mike Gerdts http://mgerdts.blogspot.com/ ___ zones-discuss mailing list zones-discuss@opensolaris.org