[Freeipa-devel] [freeipa PR#403][comment] Add new ipa passwd-generate command
redhatrises
freeipa-github-notification at redhat.com
Tue Jan 24 02:38:20 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/403
Title: #403: Add new ipa passwd-generate command
redhatrises commented:
"""
Sorry for the delayed response.
This is useful for environments where utilities like `pwgen` may not be allowed to be installed due to compliance/environment reasons. It is also especially useful for handling service accounts whose passwords have to be changed regularly or for managing passwords for shared user accounts where user's only access to the accounts is through sudo. Plus if no one is logging into the accounts, service or user, which are required to have passwords change regularly, why not have the authentication tool come up with one that is sufficient for the organizational requirements (28 different random different passwords) without having to come up with a password or having to remember x utility (which may not be allowed to be installed) from doing it?
However, the final iteration of this (which I have not added yet) is to add `--user` and/or `--service-account` to handle changing those passwords with a generated password for user accounts or service accounts. Another option would be to just add an option that behaves the same way such as `--generate` to `ipa passwd` e.g. `ipa passwd user1 --generate`
"""
See the full comment at https://github.com/freeipa/freeipa/pull/403#issuecomment-274684765
More information about the Freeipa-devel
mailing list