Design proposal to Non-Interactive password update for REST client

vishwa vishwa at linux.vnet.ibm.com
Sat Aug 12 03:11:01 AEST 2017


Sorry, I should have mentioned that I had looked at that option.

For `chpasswd`, I need to fork a process but with `putspent` I can do in 
same process.

On 08/11/2017 10:20 PM, Kenneth Wilke wrote:
>
> Could chpasswd be used for that?
>
> ------------------------------------------------------------------------
> *From:* openbmc 
> <openbmc-bounces+kenneth.wilke=rackspace.com at lists.ozlabs.org> on 
> behalf of vishwa <vishwa at linux.vnet.ibm.com>
> *Sent:* Friday, August 11, 2017 11:18:48 AM
> *To:* OpenBMC Maillist
> *Subject:* Design proposal to Non-Interactive password update for REST 
> client
> This email is about openbmc/openbmc#1714 ( REST API to update root
> password )
>
> Goal is to do Non-interactive password updates to enable a REST client
> to update the root password.
>
> My proposal is to use `getspent(3)` and `putspent(3)` and here is the 
> flow.
>
> REST client will provide a method that takes std::string as parameter.
>
> The Provider at the BMC will receive the password and does these:
>
>   - Executes `getspent(3)` for "root" and gets the entries.
>   - Parses the `sp_pwdp` and extracts `encryption method` , `salt`.
>   - Makes a call to `crypt(3)` with the extracted `salt` and `user
> input` and generates encrypted pass-code
>   - Populates the structure and calls `putspent(3)` to update the password
>
> Please let me know your opinion on this.
>
> Thank you,
>
> !! Vishwa !!
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20170811/775ba389/attachment.html>


More information about the openbmc mailing list