7 Feb
2018
7 Feb
'18
3:04 p.m.
On Wed, 2018-02-07 at 13:37 +0000, Daniel P. Berrangé wrote:
Or can we just use openssl
$ openssl passwd -crypt hello RtT4tOPU/wPnU
I'd love to avoid embedding a Python script in there[1], but it doesn't look like openssl supports the same strong hashing algorithm we're currently using, and I'm not sure modern guest OSs would be happy with such a weak hash. Another option would be to hard-code some pre-generated salt. I'm not 100% clear of the security implications of doing something like that though, to be honest. [1] At least until the time we inevitably want to rewrite the tool itself in Python[2], that is. [2] Unless we decide to pick Go instead, of course :) -- Andrea Bolognani / Red Hat / Virtualization