Project

General

Profile

Actions

action #101006

closed

Provide unique non-dictionary passwords for all our IPMI/HMC interfaces size:S

Added by okurz about 3 years ago. Updated almost 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
-
Start date:
2021-10-14
Due date:
% Done:

0%

Estimated time:

Description

Motivation

bmwiedemann from SUSE-IT informed me that security scans have shown openqaworkers to be vulnerable due to the default IPMI passwords. We should provide a unique password for that purpose, potentially unique for each host.

Acceptance criteria

Suggestions

  • Generate a password for each host with xkcdpass from python3-xkcdpass Just use the same password we have for sp.openqaw8-vmware.qa.suse.de where bmwiedemann recently set a new password
  • Set password from each host, e.g. with
rcipmi start 
ipmitool user list
ipmitool user set password 2 'FOOBAR'
Actions

Also available in: Atom PDF