| Weekly edition | Kernel | Security | Distributions | Search |
| Archives | Calendar | Subscribe | Write for LWN | LWN.net FAQ |
HP releases Linux Common Operating Environment 4.0
HP releases Linux Common Operating Environment 4.0
Posted May 30, 2007 17:33 UTC (Wed) by pcampe (subscriber, #28223)Parent article: HP releases Linux Common Operating Environment 4.0
The last screen requires you to enter the root password, and the page is not encrypted. It's not possible to avoid the definition of the root password and the chosen hostname is checked (in the first step) to be valid, so test.intranet.domain.tld does not work (you can insert an IP instead of the hostname).
This means that basically this is a web service devoted to collecting root password of exposed servers :)
Really it's a nice tool and it could be useful (especially if you deal with different distributions: if you have only one it'd be better to understand how to write "kickstart" files), but I'll not use it until they provide a nice package I can install and use on a local and trusted web server.
(Log in to post comments)
HP releases Linux Common Operating Environment 4.0
Posted May 30, 2007 20:19 UTC (Wed) by maks (subscriber, #32426) [Link]
> Really it's a nice tool and it could be useful> (especially if you deal with different distributions:
> if you have only one it'd be better to understand how
> to write "kickstart" files)
or preseeding files if you are on the Debian side :)
HP releases Linux Common Operating Environment 4.0
Posted May 30, 2007 21:45 UTC (Wed) by ksmathers (subscriber, #2353) [Link]
The key to LinuxCOE is to treat it the way you would an automated IMACD service. Give them your traveling password, then change it to something secure once the install is complete.
I've used LinuxCOE for a couple of years now from inside HP and it can be useful, particularly inside HP where you can store a persistent copy of your installation preferences. Without that it is just a depot for a fairly complete set of distributions.
HP releases Linux Common Operating Environment 4.0
Posted May 31, 2007 5:41 UTC (Thu) by louis_bouchard (guest, #29869) [Link]
>until they provide a nice package I can install and use on a local and >trusted web server.
We are well aware of that, and are actively working on providing RPM and .deb based packages for LinuxCOE.
Keep visiting our site at http://linuxcoe.sourceforge.net where they should be made available as soon as possible.
HP releases Linux Common Operating Environment 4.0
Posted May 31, 2007 13:47 UTC (Thu) by leem (guest, #45532) [Link]
FWIW, I would recommend you use a disposable 'install' password. However, there are 3 security modes System Designer can run in:
NONE - default, everything is open HTTP/FTP
NORMAL - http on all pages until passwords are in play, then HTTPS
SECURE - everything HTTPS, final image dropped in a secure .htaccess prodtected directory and only you get access user/pass on final page
Also, inside the preseed/autoyast/kickstart files, passwords are encrypted *unless* you're running the instance on a RH box as it's mkpassword doesn't support it, and I'm hesitant to include the perl module that does that in the code as it's not a perl base module and adds yet another dependency on running it.
HP releases Linux Common Operating Environment 4.0
Posted May 31, 2007 13:53 UTC (Thu) by bryang (guest, #43510) [Link]
FWIW, one of the configuration options is to use https whenever passwords are entered. But I certainly echo the "traveling" password approach (since some of the underlying distro install tools -- preseed, etc -- leave the password in clear text)