karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jean-Baptiste Onofré (JIRA) <j...@apache.org>
Subject [jira] [Commented] (KARAF-3366) Generate a non-default password on first startup
Date Tue, 18 Nov 2014 09:38:34 GMT

    [ https://issues.apache.org/jira/browse/KARAF-3366?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14215990#comment-14215990

Jean-Baptiste Onofré commented on KARAF-3366:

Good idea. It makes sense to prompt at bootstrap.

> Generate a non-default password on first startup
> ------------------------------------------------
>                 Key: KARAF-3366
>                 URL: https://issues.apache.org/jira/browse/KARAF-3366
>             Project: Karaf
>          Issue Type: Wish
>          Components: karaf-security
>    Affects Versions: 3.0.2
>            Reporter: Robert Varga
>            Assignee: Jean-Baptiste Onofré
>             Fix For: 4.0.0, 3.0.3
> In OpenDaylight we rely on Karaf as our pre-packaged download, which has the slight caveat
that non-customized downloads can easily be vulnerable if users enable ssh with the default
> It would be nice if the startup script could generate a random password for root, so
the installation is secure by default. Not sure what the impact will be on usability, though.

This message was sent by Atlassian JIRA

View raw message