Move away from default password

Stewart Smith stewart at linux.ibm.com
Fri Jun 21 09:12:17 AEST 2019


Joseph Reynolds <jrey at linux.ibm.com> writes:
> On 2019-06-17 17:56, Stewart Smith wrote:
>> Joseph Reynolds <jrey at linux.ibm.com> writes:
>>> There is some interest in moving OpenBMC away from a default password.
>>> - email: https://lists.ozlabs.org/pipermail/openbmc/2019-June/016515.html
>>> (which references a RestrictionMode design:
>>> https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/21195)
>>> 
>>> Having a default password is a security risk.  Note that changing to a
>>> different default password is not a good solution.  For example, if a
>>> bad actor learns the default password from one device, that actor will
>>> likely know the password for many of them.
>> 
>> and it makes it pretty easy to use something like Shodan to find all the
>> possible OpenBMCs connected to the Internet (hopefully by accident) and
>> pop a root shell on them.
>> 
>> Mind you, in a lab environment, it's *really* useful.
>
> I imagine for the foreseeable future, OpenBMC would continue to have a
> default userid and password (and I hope each development lab is using a
> different default password than the well-known password).  But I think
> development labs are subject to attack, so we need to eventually move
> away from default passwords even in the development labs.
>
> At this time, I am looking for options to move away from this model, but 
> do not anticipate changing the default.

I admire your optimism :)

I could probably ruin everybody's day with a simple nmap invocation and
for loop in shell across the IBM class A :)

Having something that wasn't the same everywhere would probably be an
improvement in the lab, and make it harder for someone to accidentally
do something to a machine they didn't intend to.

-- 
Stewart Smith
OPAL Architect, IBM.

