
Re: automatic password generation



john@dhh.gt.org writes:

> Chrony (essentially an xntp3 clone) includes two binaries: a daemon that
> runs as root and a control program that runs in user space.  To perform
> certain operations the user running the control program must provide a
> password which is stored in a file readable only by root.  I want the
> chrony package to install in a configuration that will "just work" on most
> systems.  To do that I must put a password in that file.  I don't want to
> put in a default password as most users will not change it, but I don't
> want to go to an interactive postinst either.  A solution I came up with is
> to generate and install a unique random password in the postinst.
> 
> Is this ok with policy?  Am I missing any obvious problems?

I'm just curious - how are you going to do this?  The best way I came
up with was:
PASS=`head --bytes=16 /dev/urandom | md5sum | cut -d' ' -f1`

I'm certain you could use od instead of md5sum, but I doubt it looks
as simple as this.  (Oh and I suppose people can argue about
/dev/random vs. /dev/urandom, but for your purposes /dev/urandom
should be fine - also note that /dev/random might cause the process to 
freeze temporarily if the entropy pool has been depleted).
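
The approach discussed in this thread, as an added example that is not part of the original messages or of the chrony package: a shell function generates the password with od, which the reply mentions as an alternative to md5sum, and a second function installs it in a root-only file without replacing a password left by an earlier install. The function names and the one-line file format are assumptions; the thread gives neither the file's path nor its format.

```shell
#!/bin/sh
# Added example: postinst-style random password generation.
# gen_password and install_password are hypothetical names, not chrony's.

# Print 16 bytes from /dev/urandom as 32 lowercase hex characters.
gen_password() {
    # od -An drops the offset column, -tx1 prints one hex byte per field;
    # tr removes the separating spaces and the trailing newline.
    head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Install a fresh password in the file named by $1.
# Assumed format: the password alone on one line.
install_password() {
    keyfile=$1

    # On upgrade or reinstall, keep the password that is already there.
    [ -e "$keyfile" ] && return 0

    pass=$(gen_password)
    # Refuse to install a short or empty value if the read failed.
    [ "${#pass}" -eq 32 ] || return 1

    (
        # Nothing created here is ever group- or world-readable.
        umask 077
        # Write to a temporary file in the same directory, then rename,
        # so a partially written password file is never visible.
        tmp=$(mktemp "$keyfile.XXXXXX") || exit 1
        printf '%s\n' "$pass" > "$tmp" && mv "$tmp" "$keyfile"
    )
}

# In a postinst this would be called once, as root, for example:
#   install_password /path/to/password-file    (placeholder path)
```

The password never appears on a command line, so it is not exposed through the process list while the script runs.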

