Design proposal to Non-Interactive password update for REST client

Kenneth Wilke kenneth.wilke at RACKSPACE.COM
Sat Aug 12 02:50:27 AEST 2017


Could chpasswd be used for that?

________________________________
From: openbmc <openbmc-bounces+kenneth.wilke=rackspace.com at lists.ozlabs.org> on behalf of vishwa <vishwa at linux.vnet.ibm.com>
Sent: Friday, August 11, 2017 11:18:48 AM
To: OpenBMC Maillist
Subject: Design proposal to Non-Interactive password update for REST client

This email is about openbmc/openbmc#1714 ( REST API to update root
password )

Goal is to do Non-interactive password updates to enable a REST client
to update the root password.

My proposal is to use `getspent(3)` and `putspent(3)` and here is the flow.

REST client will provide a method that takes std::string as parameter.

The Provider at the BMC will receive the password and does these:

  - Executes `getspent(3)` for "root" and gets the entries.
  - Parses the `sp_pwdp` and extracts `encryption method` , `salt`.
  - Makes a call to `crypt(3)` with the extracted `salt` and `user
input` and generates encrypted pass-code
  - Populates the structure and calls `putspent(3)` to update the password

Please let me know your opinion on this.

Thank you,

!! Vishwa !!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20170811/13d36de7/attachment.html>


More information about the openbmc mailing list