Jabber Server?
Enrico Scholz
enrico.scholz at informatik.tu-chemnitz.de
Mon Mar 7 09:11:16 UTC 2005
adrian at lisas.de (Adrian Reber) writes:
>> [... jabber ...]
>> 1) The default password is somehow securely handled. I didn't read too
>> carefully, how was this resolved?
>
> A random password is created during installation.
mmh...
| export NEWPASS="$RANDOM-newpass-$RANDOM"
| cd %{sysconfdir}
| %{__perl} -pi -e "s,<secret>secret</secret>,<secret>$NEWPASS</secret>,g" router-users.xml
| %{__perl} -pi -e "s,<secret>secret</secret>,<secret>$NEWPASS</secret>,g" router.xml
| %{__perl} -pi -e "s,<pass>secret</pass>,<pass>$NEWPASS</pass>,g" *.xml
1. the password is random, but not secure (only 32 bit); you could do
| dd if=/dev/urandom bs=20 count=1 | sha1sum
which creates an 80bit password
2. the new password is visible with 'ps'; when you add the dependency on
'perl' (dunno, if jabber really requires it), you could read it from
the $NEWPASS environment variable.
But when 'perl' is not required for jabberd functionality, the entire
script should be rewritten to remove this dep.
Enrico
More information about the fedora-extras-list
mailing list