On Wed, 2018-02-07 at 13:37 +0000, Daniel P. Berrangé wrote:
Or can we just use openssl
$ openssl passwd -crypt hello
RtT4tOPU/wPnU
I'd love to avoid embedding a Python script in there[1], but it
doesn't look like openssl supports the same strong hashing
algorithm we're currently using, and I'm not sure modern guest OSs
would be happy with such a weak hash.
Another option would be to hard-code some pre-generated salt. I'm
not 100% clear of the security implications of doing something
like that though, to be honest.
[1] At least until the time we inevitably want to rewrite the tool
itself in Python[2], that is.
[2] Unless we decide to pick Go instead, of course :)
--
Andrea Bolognani / Red Hat / Virtualization