From: Kenneth Wilke <kenneth.wilke@RACKSPACE.COM>
To: vishwa <vishwa@linux.vnet.ibm.com>,
OpenBMC Maillist <openbmc@lists.ozlabs.org>
Subject: Re: Design proposal to Non-Interactive password update for REST client
Date: Fri, 11 Aug 2017 18:10:17 +0000 [thread overview]
Message-ID: <SN1PR20MB04962A116A342DF0D9359ACDEF890@SN1PR20MB0496.namprd20.prod.outlook.com> (raw)
In-Reply-To: <5ed0dda9-4581-aa0a-f63d-13ac7e4f5057@linux.vnet.ibm.com>
[-- Attachment #1: Type: text/plain, Size: 1737 bytes --]
Makes sense, sounds like a good route to me
________________________________
From: vishwa <vishwa@linux.vnet.ibm.com>
Sent: Friday, August 11, 2017 12:11:01 PM
To: Kenneth Wilke; OpenBMC Maillist
Subject: Re: Design proposal to Non-Interactive password update for REST client
Sorry, I should have mentioned that I had looked at that option.
For `chpasswd`, I need to fork a process but with `putspent` I can do in same process.
On 08/11/2017 10:20 PM, Kenneth Wilke wrote:
Could chpasswd be used for that?
________________________________
From: openbmc <openbmc-bounces+kenneth.wilke=rackspace.com@lists.ozlabs.org><mailto:openbmc-bounces+kenneth.wilke=rackspace.com@lists.ozlabs.org> on behalf of vishwa <vishwa@linux.vnet.ibm.com><mailto:vishwa@linux.vnet.ibm.com>
Sent: Friday, August 11, 2017 11:18:48 AM
To: OpenBMC Maillist
Subject: Design proposal to Non-Interactive password update for REST client
This email is about openbmc/openbmc#1714 ( REST API to update root
password )
Goal is to do Non-interactive password updates to enable a REST client
to update the root password.
My proposal is to use `getspent(3)` and `putspent(3)` and here is the flow.
REST client will provide a method that takes std::string as parameter.
The Provider at the BMC will receive the password and does these:
- Executes `getspent(3)` for "root" and gets the entries.
- Parses the `sp_pwdp` and extracts `encryption method` , `salt`.
- Makes a call to `crypt(3)` with the extracted `salt` and `user
input` and generates encrypted pass-code
- Populates the structure and calls `putspent(3)` to update the password
Please let me know your opinion on this.
Thank you,
!! Vishwa !!
[-- Attachment #2: Type: text/html, Size: 3601 bytes --]
next prev parent reply other threads:[~2017-08-11 18:26 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-11 16:18 Design proposal to Non-Interactive password update for REST client vishwa
2017-08-11 16:50 ` Kenneth Wilke
2017-08-11 17:11 ` vishwa
2017-08-11 18:10 ` Kenneth Wilke [this message]
2017-08-14 16:35 ` Patrick Williams
2017-08-28 11:34 ` vishwa
2017-08-30 6:47 ` vishwa
2017-08-31 5:08 ` tomjose
2017-08-31 6:18 ` vishwa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=SN1PR20MB04962A116A342DF0D9359ACDEF890@SN1PR20MB0496.namprd20.prod.outlook.com \
--to=kenneth.wilke@rackspace.com \
--cc=openbmc@lists.ozlabs.org \
--cc=vishwa@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.