Move away from default password
Stewart Smith
stewart at linux.ibm.com
Fri Jun 21 09:12:17 AEST 2019
Joseph Reynolds <jrey at linux.ibm.com> writes:
> On 2019-06-17 17:56, Stewart Smith wrote:
>> Joseph Reynolds <jrey at linux.ibm.com> writes:
>>> There is some interest in moving OpenBMC away from a default password.
>>> - email:
>>> https://lists.ozlabs.org/pipermail/openbmc/2019-June/016515.html
>>> (which
>>> references a RestrictionMode design:
>>> https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/21195)
>>>
>>> Having a default password is a security risk. Note that changing to a
>>> different default password is not a good solution. For example, if a
>>> bad actor learns the default password from one device, that actor will
>>> likely know the password for many of them.
>>
>> and it makes it pretty easy to use something like Shodan to find all
>> the possible OpenBMCs connected to the Internet (hopefully by accident)
>> and pop a root shell on them.
>>
>> Mind you, in a lab environment, it's *really* useful.
>
> I imagine for the foreseeable future, OpenBMC would continue to have a
> default userid and password (and I hope each development lab is using a
> different default password than the well-known password). But I think
> development labs are subject to attack, so we need to eventually move
> away from default passwords even in the development labs.
>
> At this time, I am looking for options to move away from this model, but
> do not anticipate changing the default.
I admire your optimism :)
I could probably ruin everybody's day with a simple nmap invocation and
for loop in shell across the IBM class A :)
Having something that wasn't the same everywhere would probably be an
improvement in the lab, and make it harder for someone to accidentally
do something to a machine they didn't intend to.
--
Stewart Smith
OPAL Architect, IBM.