Design proposal to Non-Interactive password update for REST client
vishwa
vishwa at linux.vnet.ibm.com
Sat Aug 12 02:18:48 AEST 2017
This email is about openbmc/openbmc#1714 ( REST API to update root
password )
Goal is to do Non-interactive password updates to enable a REST client
to update the root password.
My proposal is to use `getspent(3)` and `putspent(3)` and here is the flow.
REST client will provide a method that takes std::string as parameter.
The Provider at the BMC will receive the password and does these:
- Executes `getspent(3)` for "root" and gets the entries.
- Parses the `sp_pwdp` and extracts `encryption method` , `salt`.
- Makes a call to `crypt(3)` with the extracted `salt` and `user
input` and generates encrypted pass-code
- Populates the structure and calls `putspent(3)` to update the password
Please let me know your opinion on this.
Thank you,
!! Vishwa !!
More information about the openbmc
mailing list