karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Varga (JIRA)" <j...@apache.org>
Subject [jira] [Created] (KARAF-3366) Generate a non-default password on first startup
Date Mon, 17 Nov 2014 18:35:33 GMT
Robert Varga created KARAF-3366:
-----------------------------------

             Summary: Generate a non-default password on first startup
                 Key: KARAF-3366
                 URL: https://issues.apache.org/jira/browse/KARAF-3366
             Project: Karaf
          Issue Type: Wish
          Components: karaf-security
    Affects Versions: 3.0.2
            Reporter: Robert Varga


In OpenDaylight we rely on Karaf as our pre-packaged download, which has the slight caveat
that non-customized downloads can easily be vulnerable if users enable ssh with the default
password.

It would be nice if the startup script could generate a random password for root, so the installation
is secure by default. Not sure what the impact will be on usability, though.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message