[989] in athena10
Re: Athena 10 root password (should be) in AFS
daemon@ATHENA.MIT.EDU (Jonathon Weiss)
Mon Jan 26 15:14:15 2009
Message-Id: <200901262012.n0QKCvZ3023935@vorpal-blade.mit.edu>
From: Jonathon Weiss <jweiss@MIT.EDU>
To: Greg Hudson <ghudson@mit.edu>
cc: Evan Broder <broder@mit.edu>, athena10@mit.edu
In-reply-to: Your message of "Mon, 26 Jan 2009 14:53:05 EST."
<1232999585.6528.39.camel@ray>
Date: Mon, 26 Jan 2009 15:12:57 -0500
> On Mon, 2009-01-26 at 14:31 -0500, Evan Broder wrote:
> > It looks like it should be "whatever you can drop into /etc/shadow",
> > which can be an md5 string (although the manpage doesn't document that).
>
> Given the weak security requirements on the root password, a crypt
> string (as used elsewhere in system/config) is fine.
>
> > An @sys string probably isn't the right idea, since a Debathena machine
> > can be any combination of {i386,amd64}_deb{3,4,5}0, and scheduled to
> > keep increasing. If you'd like to make it something other than athena10,
> > we can adjust the package accordingly.
>
> There is no need to use a platform name for this case because the data
> being stored is not especially platform-specific. Particularly if we
> use a simple crypt string. The full shadow and passwd files stored for
> Athena 9.x were very OS-dependent.
OK, I'm convinced. I've created the file contianing the relevant
crypt string. Please test it and let me know if there are any
problems.
Jonathon
