[CentOS] How to decrypt rootpassword form kickstart file
Valeri Galtsev
galtsev at kicp.uchicago.edu
Wed Apr 1 16:26:51 UTC 2015
On Wed, April 1, 2015 11:09 am, Andrew Holway wrote:
>>
>> This is all interesting, but I've got one dumb question: why do you need
>> to decrypt it?
>>
>
> In the UK we have a law which give you the right to remain silent; so as
> not to incriminate yourself. I think in the US its known as "taking the
> fifth".
Indeed.
But I for one can deduce the answer, assuming the OP knows everything I
know or more (sorry for abbr.; Original Poster I had to say). Here is my
speculation:
One can easily replace root password hash in kickstart. The only scenarios
that that is not enough I can imagine are:
1. OP has to deal with machine kickstarted before and had no ability (or
wants to avoid it to leave no track that that is done) to boot the machine
in a single user mode and edit shadow file
2. OP was able to get kickstart file content (the hash actually), _has_ to
use it, but is not able to edit it (or editing is not an option due to
some other consideration)
3. This is somebody's else kickstart password, but I do exclude
immediately it as as a result one can imagine a [cyber]criminal action
here which I don't expect from anyone ;-)
That said, I just have to mention it once again. It is really advisable to
always change root password that came from kickstart file before even new
system goes live.
Valeri
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
More information about the CentOS
mailing list