action #101006
Updated by okurz over 2 years ago
## Motivation bmwiedemann from SUSE-IT informed me that security scans have shown openqaworkers to be vulnerable due to the default IPMI passwords. We should provide a unique password for that purpose, potentially unique for each host. ## Acceptance criteria * **AC1:** No IPMI/BMC connection in https://gitlab.suse.de/openqa/salt-pillars-openqa/-/blob/master/openqa/workerconf.sls references the default password anymore ## Suggestions * ~~Generate Generate a password for each host with `xkcdpass` from python3-xkcdpass~~ Just use the same password we have for sp.openqaw8-vmware.qa.suse.de where bmwiedemann recently set a new password python3-xkcdpass * Set password from each host, e.g. with ``` rcipmi start ipmitool user list ipmitool user set password 2 'FOOBAR' ``` * Update https://gitlab.suse.de/openqa/salt-pillars-openqa/-/blob/master/openqa/workerconf.sls