From af98f3f930ebc92221077051d6f21ea5b039a074 Mon Sep 17 00:00:00 2001
From: Peter Crellan Kelly
Date: Thu, 21 Mar 2013 22:53:09 +1300
Subject: [PATCH] Bug 9885 Passwords generated by command line scripts are weak
This changes the scripts so that: - in koha-create, the zebra password and mysql passwords are set to 16 character "secure" passwords, ie generated with pwgen -s 16 1 - the patron password is set to a 12 character "memorable" password.
Signed-off-by: Magnus Enger Looks good. I did not actually build, install and test new packages, but i did test pwgen with the new arguments and the changes make sense.
Signed-off-by: Robin Sheat QA signoff
Signed-off-by: Jared Camins-Esakov
Signed-off-by: Chris Cormack
---
 debian/scripts/koha-create | 6 +++---
 debian/scripts/koha-reset-passwd | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/debian/scripts/koha-create b/debian/scripts/koha-create
index b0c418c1bc..12b3730764 100755
--- a/debian/scripts/koha-create
+++ b/debian/scripts/koha-create
@@ -192,7 +192,7 @@ if [ "$op" = create ] || [ "$op" = request ] || [ "$op" = use ]
 then
 if [ "$mysqlpwd" = "" ]
 then
- mysqlpwd="$(pwgen -1)"
+ mysqlpwd="$(pwgen -s 16 1)"
 fi
 else
 mysqlpwd="$(getinstancemysqlpassword $name)"
@@ -220,7 +220,7 @@ then
 koha-create-dirs "$name"
 # Generate Zebra database password.
- zebrapwd="$(pwgen -s 12 1)"
+ zebrapwd="$(pwgen -s 16 1)"
 # Future enhancement: make this configurable for when your db is on
 # another server.
 mysql_hostname="localhost"
@@ -308,7 +308,7 @@ then
 # Change the default user's password.
- staffpass="$(pwgen -1)"
+ staffpass="$(pwgen 12 1)"
 staffdigest=$(echo -n "$staffpass" | perl -e ' use Digest::MD5 qw(md5_base64);
diff --git a/debian/scripts/koha-reset-passwd b/debian/scripts/koha-reset-passwd
index 70ba3bafbd..fd4a60e911 100755
--- a/debian/scripts/koha-reset-passwd
+++ b/debian/scripts/koha-reset-passwd
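Review bot: Nothing after `mysqlpwd="$(pwgen -s 16 1)"` confirms that pwgen actually returned a password; if the binary is missing or fails and the script is not running under `set -e` (not visible in this hunk), the instance would be set up with an empty MySQL password. A guard such as `[ -n "$mysqlpwd" ] || { echo "pwgen failed" >&2; exit 1; }` right after the assignment closes that gap, and the same applies to `zebrapwd` in the next hunk and to `staffpass` in the third. The `-s 16 1` policy is now repeated as a literal in two places, so a small helper or shared variable would keep them in step. The enclosing `if` block starts and ends outside the hunk.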
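Review bot: `staffpass="$(pwgen 12 1)"` leaves out `-s`, so the default user (presumably a staff login) gets pwgen's pronounceable output rather than fully random characters, while the two database passwords in the earlier hunks do use `-s`. The context lines directly below pipe the value into `Digest::MD5`, which looks like a plain MD5 of the password alone (the Perl body continues outside the hunk), so a leaked digest of a phoneme-based password would be comparatively cheap to guess offline. `staffpass="$(pwgen -s 12 1)"` is the safer default here, with a comment such as `# Initial password only; change it after first login.` above it. The same choice is made for `password="$(pwgen 12 1)"` in koha-reset-passwd. It is also worth confirming how the packaged pwgen behaves without `-s` when stdout is not a terminal, as it is inside `$(...)`.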
@@ -45,7 +45,7 @@ eof
 for userid in "$@"
 do
- password="$(pwgen -1)"
+ password="$(pwgen 12 1)"
 digest="$(pwdigest $password)"
 echo "$userid $password"
 echo "UPDATE borrowers SET password = '$digest' WHERE userid = '$userid';" \
-- 
2.39.5
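Review bot: `$userid` comes straight from `"$@"` and is pasted between single quotes in the `UPDATE borrowers` statement, so a userid containing a quote or backslash changes the SQL that reaches the database. The script is operator-run, which limits exposure, but a check at the top of the loop such as `case "$userid" in *[!A-Za-z0-9._@-]*) echo "invalid userid: $userid" >&2; continue ;; esac` (character set to be adjusted to what Koha accepts) keeps the statement well-formed. `digest="$(pwdigest $password)"` should also quote `"$password"`. The statement continues past the trailing backslash, outside the hunk.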