Re: [zones-discuss] sysidcfg - root password
Thanks, just tested that. :-[ . But if you use an encrytion in
a sysidcfg file say jumpstart, all the clients will use that.
Interesting. Still doesn't explain why the problematic encryption
only has 12 characters, not 13.
Mike
Edward Pilatowicz wrote:
no, it likely wouldn't be the same. the classic unix crypt uses a
"salt" to allow for different encodings of the same text string. see:
http://en.wikipedia.org/wiki/Crypt_(Unix)
ed
On Wed, Aug 26, 2009 at 03:00:01PM -0400, Mike Wahlberg wrote:
Also I created a root passwd on my Solaris 10 U7
box as abc123, and the encryption from my /etc/shadow
is MNY4FaPMbBnRs, not what you supplied. I would
think the encryption would be the same.
Mike
Edward Pilatowicz wrote:
are you running opensolaris?
if so, i'm guessing that the problem is the format of the hashed
password. by default, solaris version <= 10 and nevada use crypt for
hashing passwords, but opensolaris uses SHA256. these settings seem to
be controlled via /etc/security/policy.conf. just search for string
CRYPT_* in that file and read the associated comments.
ed
On Wed, Aug 26, 2009 at 08:35:19AM -0700, v wrote:
Hello,
I use sysidcfg to configure my zone. However, during configuration, the root
password gives a syntax error. The password I use in the sysidcfg is the
encrypted version of abc123. I don't know why it doesn't like it. Let me walk
you through my zone creation process. Maybe somebody can tell me what I am
doing wrong... (By the way, this is an exclusive IP zone)
1) Install the zone
2) Make the zone ready (zoneadm -z zone1 ready)
3) Copy the below sysidcfg to the root/etc/ directory
terminal=vt100
network_interface=primary { dhcp protocol_ipv6=yes }
name_service=DNS nfs4_domain=dynamic
security_policy=none
timezone=US/Eastern
system_locale=C
root_password=fto/dU8MKwQR
4) Login to the zone (zlogin -C zone1)
5) Open another connection to the global zone
6) Boot zone1 (zoneadm -z zone1 boot)
7) Then, I see the configuration process on the other terminal screen as
outlined below. It stops at the root password line and switches over to the
interactive configuration
[NOTICE: Zone booting up]
SunOS Release 5.11 Version snv_111b 32-bit
Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
Hostname: zone1
Reading ZFS config: done.
Mounting ZFS filesystems: (6/6)
root_password=fto/dU8MKwQR
syntax error line 8 position 15
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair
Configuring network interface addresses: vnic1
--
This message posted from opensolaris.org
___
zones-discuss mailing list
zones-discuss@opensolaris.org
___
zones-discuss mailing list
zones-discuss@opensolaris.org
--
Michael Wahlberg
OS Collaborator
Sun Technology Center
Sun Microsystems, Inc.
75 Network Drive
Burlington, Mass. 01803 Phone: 781-442-1332 Email
michael.wahlb...@sun.com
Hours: Monday-Friday 7:30am-4PM EST
Manager: joel.fonte...@sun.com
--
Michael Wahlberg
OS Collaborator
Sun Technology Center
Sun Microsystems, Inc.
75 Network Drive
Burlington, Mass. 01803
Phone: 781-442-1332
Email michael.wahlb...@sun.com
Hours: Monday-Friday 7:30am-4PM EST
Manager: joel.fonte...@sun.com
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
RESOLVED... The encryption for bosox worked. I guess I should have checked the encryption more carefully. Thanks a lot to everybody for responding... I appreciate everybody's time. -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
no, it likely wouldn't be the same. the classic unix crypt uses a
"salt" to allow for different encodings of the same text string. see:
http://en.wikipedia.org/wiki/Crypt_(Unix)
ed
On Wed, Aug 26, 2009 at 03:00:01PM -0400, Mike Wahlberg wrote:
> Also I created a root passwd on my Solaris 10 U7
> box as abc123, and the encryption from my /etc/shadow
> is MNY4FaPMbBnRs, not what you supplied. I would
> think the encryption would be the same.
>
> Mike
>
>
> Edward Pilatowicz wrote:
>> are you running opensolaris?
>>
>> if so, i'm guessing that the problem is the format of the hashed
>> password. by default, solaris version <= 10 and nevada use crypt for
>> hashing passwords, but opensolaris uses SHA256. these settings seem to
>> be controlled via /etc/security/policy.conf. just search for string
>> CRYPT_* in that file and read the associated comments.
>>
>> ed
>>
>> On Wed, Aug 26, 2009 at 08:35:19AM -0700, v wrote:
>>
>>> Hello,
>>>
>>> I use sysidcfg to configure my zone. However, during configuration, the
>>> root password gives a syntax error. The password I use in the sysidcfg is
>>> the encrypted version of abc123. I don't know why it doesn't like it. Let
>>> me walk you through my zone creation process. Maybe somebody can tell me
>>> what I am doing wrong... (By the way, this is an exclusive IP zone)
>>>
>>> 1) Install the zone
>>> 2) Make the zone ready (zoneadm -z zone1 ready)
>>> 3) Copy the below sysidcfg to the root/etc/ directory
>>>
>>> terminal=vt100
>>> network_interface=primary { dhcp protocol_ipv6=yes }
>>> name_service=DNS nfs4_domain=dynamic
>>> security_policy=none
>>> timezone=US/Eastern
>>> system_locale=C
>>> root_password=fto/dU8MKwQR
>>>
>>> 4) Login to the zone (zlogin -C zone1)
>>> 5) Open another connection to the global zone
>>> 6) Boot zone1 (zoneadm -z zone1 boot)
>>> 7) Then, I see the configuration process on the other terminal screen as
>>> outlined below. It stops at the root password line and switches over to
>>> the interactive configuration
>>>
>>> [NOTICE: Zone booting up]
>>>
>>> SunOS Release 5.11 Version snv_111b 32-bit
>>> Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved.
>>> Use is subject to license terms.
>>> Hostname: zone1
>>> Reading ZFS config: done.
>>> Mounting ZFS filesystems: (6/6)
>>> root_password=fto/dU8MKwQR
>>> syntax error line 8 position 15
>>> Creating new rsa public/private host key pair
>>> Creating new dsa public/private host key pair
>>> Configuring network interface addresses: vnic1
>>> --
>>> This message posted from opensolaris.org
>>> ___
>>> zones-discuss mailing list
>>> zones-discuss@opensolaris.org
>>>
>> ___
>> zones-discuss mailing list
>> zones-discuss@opensolaris.org
>>
>
>
> --
> Michael Wahlberg
> OS Collaborator
> Sun Technology Center
> Sun Microsystems, Inc.
> 75 Network Drive
> Burlington, Mass. 01803 Phone: 781-442-1332 Email
> michael.wahlb...@sun.com
> Hours: Monday-Friday 7:30am-4PM EST
> Manager: joel.fonte...@sun.com
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
Also I created a root passwd on my Solaris 10 U7
box as abc123, and the encryption from my /etc/shadow
is MNY4FaPMbBnRs, not what you supplied. I would
think the encryption would be the same.
Mike
Edward Pilatowicz wrote:
are you running opensolaris?
if so, i'm guessing that the problem is the format of the hashed
password. by default, solaris version <= 10 and nevada use crypt for
hashing passwords, but opensolaris uses SHA256. these settings seem to
be controlled via /etc/security/policy.conf. just search for string
CRYPT_* in that file and read the associated comments.
ed
On Wed, Aug 26, 2009 at 08:35:19AM -0700, v wrote:
Hello,
I use sysidcfg to configure my zone. However, during configuration, the root
password gives a syntax error. The password I use in the sysidcfg is the
encrypted version of abc123. I don't know why it doesn't like it. Let me walk
you through my zone creation process. Maybe somebody can tell me what I am
doing wrong... (By the way, this is an exclusive IP zone)
1) Install the zone
2) Make the zone ready (zoneadm -z zone1 ready)
3) Copy the below sysidcfg to the root/etc/ directory
terminal=vt100
network_interface=primary { dhcp protocol_ipv6=yes }
name_service=DNS
nfs4_domain=dynamic
security_policy=none
timezone=US/Eastern
system_locale=C
root_password=fto/dU8MKwQR
4) Login to the zone (zlogin -C zone1)
5) Open another connection to the global zone
6) Boot zone1 (zoneadm -z zone1 boot)
7) Then, I see the configuration process on the other terminal screen as
outlined below. It stops at the root password line and switches over to the
interactive configuration
[NOTICE: Zone booting up]
SunOS Release 5.11 Version snv_111b 32-bit
Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
Hostname: zone1
Reading ZFS config: done.
Mounting ZFS filesystems: (6/6)
root_password=fto/dU8MKwQR
syntax error line 8 position 15
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair
Configuring network interface addresses: vnic1
--
This message posted from opensolaris.org
___
zones-discuss mailing list
zones-discuss@opensolaris.org
___
zones-discuss mailing list
zones-discuss@opensolaris.org
--
Michael Wahlberg
OS Collaborator
Sun Technology Center
Sun Microsystems, Inc.
75 Network Drive
Burlington, Mass. 01803
Phone: 781-442-1332
Email michael.wahlb...@sun.com
Hours: Monday-Friday 7:30am-4PM EST
Manager: joel.fonte...@sun.com
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
Hi,
did you already tried it with another password?
regards
Bernd
v wrote:
Hello,
I use sysidcfg to configure my zone. However, during configuration, the root
password gives a syntax error. The password I use in the sysidcfg is the
encrypted version of abc123. I don't know why it doesn't like it. Let me walk
you through my zone creation process. Maybe somebody can tell me what I am
doing wrong... (By the way, this is an exclusive IP zone)
1) Install the zone
2) Make the zone ready (zoneadm -z zone1 ready)
3) Copy the below sysidcfg to the root/etc/ directory
terminal=vt100
network_interface=primary { dhcp protocol_ipv6=yes }
name_service=DNS
nfs4_domain=dynamic
security_policy=none
timezone=US/Eastern
system_locale=C
root_password=fto/dU8MKwQR
4) Login to the zone (zlogin -C zone1)
5) Open another connection to the global zone
6) Boot zone1 (zoneadm -z zone1 boot)
7) Then, I see the configuration process on the other terminal screen as
outlined below. It stops at the root password line and switches over to the
interactive configuration
[NOTICE: Zone booting up]
SunOS Release 5.11 Version snv_111b 32-bit
Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
Hostname: zone1
Reading ZFS config: done.
Mounting ZFS filesystems: (6/6)
root_password=fto/dU8MKwQR
syntax error line 8 position 15
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair
Configuring network interface addresses: vnic1
--
Bernd Schemmer, Frankfurt am Main, Germany
http://bnsmb.de/
M s temprano que tarde el mundo cambiar .
Fidel Castro
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
are you running opensolaris?
if so, i'm guessing that the problem is the format of the hashed
password. by default, solaris version <= 10 and nevada use crypt for
hashing passwords, but opensolaris uses SHA256. these settings seem to
be controlled via /etc/security/policy.conf. just search for string
CRYPT_* in that file and read the associated comments.
ed
On Wed, Aug 26, 2009 at 08:35:19AM -0700, v wrote:
> Hello,
>
> I use sysidcfg to configure my zone. However, during configuration, the root
> password gives a syntax error. The password I use in the sysidcfg is the
> encrypted version of abc123. I don't know why it doesn't like it. Let me
> walk you through my zone creation process. Maybe somebody can tell me what I
> am doing wrong... (By the way, this is an exclusive IP zone)
>
> 1) Install the zone
> 2) Make the zone ready (zoneadm -z zone1 ready)
> 3) Copy the below sysidcfg to the root/etc/ directory
>
> terminal=vt100
> network_interface=primary { dhcp protocol_ipv6=yes }
> name_service=DNS
> nfs4_domain=dynamic
> security_policy=none
> timezone=US/Eastern
> system_locale=C
> root_password=fto/dU8MKwQR
>
> 4) Login to the zone (zlogin -C zone1)
> 5) Open another connection to the global zone
> 6) Boot zone1 (zoneadm -z zone1 boot)
> 7) Then, I see the configuration process on the other terminal screen as
> outlined below. It stops at the root password line and switches over to the
> interactive configuration
>
> [NOTICE: Zone booting up]
>
> SunOS Release 5.11 Version snv_111b 32-bit
> Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved.
> Use is subject to license terms.
> Hostname: zone1
> Reading ZFS config: done.
> Mounting ZFS filesystems: (6/6)
> root_password=fto/dU8MKwQR
> syntax error line 8 position 15
> Creating new rsa public/private host key pair
> Creating new dsa public/private host key pair
> Configuring network interface addresses: vnic1
> --
> This message posted from opensolaris.org
> ___
> zones-discuss mailing list
> zones-discuss@opensolaris.org
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
Your encrypted entry looks strange, and 1 character short. Just as a test, try: h87UkRudhD32k root passwd bosox Mike v wrote: Well, I typed it myself instead of copying and pasting it. It still gives the same error. In the error, it says the error is in position 15, which is the character "f" right after the equal sign. I tried putting quotation marks, but it still didn't like it. -- Michael Wahlberg OS Collaborator Sun Technology Center Sun Microsystems, Inc. 75 Network Drive Burlington, Mass. 01803 Phone: 781-442-1332 Email michael.wahlb...@sun.com Hours: Monday-Friday 7:30am-4PM EST Manager: joel.fonte...@sun.com ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
v wrote:
I don't think so... It looks like it works:
http://blogs.sun.com/observatory/en_US/entry/zones_and_crossbow1
I would validate with that blogger if that sysidcfg had actually
been validated. If you look a little lower in the blog, the sysidcfg
file failed to get get consumed by sysidtool when that zone booted:
Use is subject to license terms.
Hostname: myzone
Loading smf(5) service descriptions: 69/69
Reading ZFS config: done.
Mounting ZFS filesystems: (5/5)
network_interface=myzone0 {
myzone0 is not a valid network interface line 3 position 19
Creating new rsa public/private host key pair
Upon any syntax error, the entire sysidcfg file is thrown out, so
I don't see how the root_password would have even gotten processed
by sysidroot.
Anyway, for your case, why don't you just replace the encrypted
string with some other known good one.
-ethan
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
Well, I typed it myself instead of copying and pasting it. It still gives the same error. In the error, it says the error is in position 15, which is the character "f" right after the equal sign. I tried putting quotation marks, but it still didn't like it. -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
I wonder if there is an extra space at the end of the line or some other non visible character. On Wed, Aug 26, 2009 at 1:44 PM, v wrote: > I don't think so... It looks like it works: > http://blogs.sun.com/observatory/en_US/entry/zones_and_crossbow1 > -- > This message posted from opensolaris.org > ___ > zones-discuss mailing list > zones-discuss@opensolaris.org > ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
I don't think so... It looks like it works: http://blogs.sun.com/observatory/en_US/entry/zones_and_crossbow1 -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
v wrote: SunOS Release 5.11 Version snv_111b 32-bit Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Hostname: zone1 Reading ZFS config: done. Mounting ZFS filesystems: (6/6) root_password=fto/dU8MKwQR Is this encrypted string missing a character? syntax error line 8 position 15 Creating new rsa public/private host key pair Creating new dsa public/private host key pair Configuring network interface addresses: vnic1 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
It didn't work. It is still giving the same syntax error... -- This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg - root password
On Wed, Aug 26, 2009 at 10:35 AM, v wrote: > Hello, > > I use sysidcfg to configure my zone. However, during configuration, the root > password gives a syntax error. The password I use in the sysidcfg is the > encrypted version of abc123. I don't know why it doesn't like it. Let me > walk you through my zone creation process. Maybe somebody can tell me what I > am doing wrong... (By the way, this is an exclusive IP zone) > > 1) Install the zone > 2) Make the zone ready (zoneadm -z zone1 ready) > 3) Copy the below sysidcfg to the root/etc/ directory What are the permissions on the sysidcfg file? I think that it needs to be such that it is not readable by non-root users? Try: chown root sysidcfg chmod 400 sysidcfg -- Mike Gerdts http://mgerdts.blogspot.com/ ___ zones-discuss mailing list zones-discuss@opensolaris.org
