free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use a longer default password for better security

This commit is contained in:
Bob Mottram 2016-10-14 10:34:05 +01:00
parent be05e74c6d
commit afeec42a00
3 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/freedombone-app-blog
View File

@ -174,7 +174,6 @@ function install_interactive_blog {
function change_password_blog {
if ! grep -q "blog domain:" $COMPLETION_FILE; then
return
echo "blog domain:$FULLBLOG_DOMAIN_NAME" >> $COMPLETION_FILE
fi
FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "blog domain" | head -n 1 | awk -F ':' '{print $2}')

6
src/freedombone-image-customise
View File

@ -349,7 +349,7 @@ EOF
echo ' exit' >> $rootdir/root/.bashrc
echo ' fi' >> $rootdir/root/.bashrc
echo -n ' NEW_USER_PASSWORD="$(openssl rand -base64 30 | cut -c1-' >> $rootdir/root/.bashrc
echo "${MINIMUM_PASSWORD_LENGTH})\"" >> $rootdir/root/.bashrc
echo "${DEFAULT_PASSWORD_LENGTH})\"" >> $rootdir/root/.bashrc
echo ' fi' >> $rootdir/root/.bashrc
echo ' echo "${NEW_USER_PASSWORD}" > ~/login.txt' >> $rootdir/root/.bashrc
@ -361,8 +361,6 @@ EOF
PRESS_KEY_MESSAGE=$'Press any key to continue...'
echo " echo \"${NEW_LOGIN_PASSWORD_MESSAGE1}\"" >> $rootdir/root/.bashrc
echo ' echo ""' >> $rootdir/root/.bashrc
echo ' toilet "${NEW_USER_PASSWORD}"' >> $rootdir/root/.bashrc
echo ' echo ""' >> $rootdir/root/.bashrc
echo ' echo " ${NEW_USER_PASSWORD}"' >> $rootdir/root/.bashrc
echo ' echo ""' >> $rootdir/root/.bashrc
echo " echo \"${NEW_LOGIN_PASSWORD_MESSAGE2}\"" >> $rootdir/root/.bashrc
@ -1015,7 +1013,7 @@ fi
if [[ $VARIANT != "meshclient" && $VARIANT != "meshusb" && $VARIANT != "mesh" ]]; then
chroot "$rootdir" apt-get install -y openssh-server
fi
chroot "$rootdir" apt-get install -y sudo git dialog toilet build-essential
chroot "$rootdir" apt-get install -y sudo git dialog build-essential
chroot "$rootdir" apt-get install -y avahi-daemon avahi-utils avahi-discover avahi-autoipd
chroot "$rootdir" apt-get install -y iptables dnsutils net-tools network-manager iputils-ping
chroot "$rootdir" apt-get install -y libnss-mdns libnss-myhostname libnss-gw-name nano man ntp

19
src/freedombone-utils-passwords
View File

@ -36,15 +36,18 @@ IMAGE_PASSWORD_FILE=/root/login.txt
# Minimum number of characters in a password
MINIMUM_PASSWORD_LENGTH=10
function enforce_good_passwords {
# because humans are generally bad at choosing passwords
if grep -Fxq "enforce_good_passwords" $COMPLETION_FILE; then
return
fi
apt-get -y install libpam-cracklib
# The default password length used in images
DEFAULT_PASSWORD_LENGTH=20
sed -i 's/password.*requisite.*pam_cracklib.so.*/password required pam_cracklib.so retry=2 dcredit=-4 ucredit=-1 ocredit=-1 lcredit=0 minlen=10 reject_username/g' /etc/pam.d/common-password
echo 'enforce_good_passwords' >> $COMPLETION_FILE
function enforce_good_passwords {
# because humans are generally bad at choosing passwords
if grep -Fxq "enforce_good_passwords" $COMPLETION_FILE; then
return
fi
apt-get -y install libpam-cracklib
sed -i 's/password.*requisite.*pam_cracklib.so.*/password required pam_cracklib.so retry=2 dcredit=-4 ucredit=-1 ocredit=-1 lcredit=0 minlen=10 reject_username/g' /etc/pam.d/common-password
echo 'enforce_good_passwords' >> $COMPLETION_FILE
}
function create_password {