Save the sha256 hash in the .ini instead of the plaintext password

kenfallon / fix-ssh-on-pi

Safely enabling ssh in the default Raspberry Pi OS (previously called Raspbian) Image

MIT License

80 stars 36 forks source link

Save the sha256 hash in the .ini instead of the plaintext password #8

Closed tillhanke closed 2 years ago

tillhanke commented 3 years ago

It might be a good idea to add an option to save the SHA256 hash instead of the plaintext password within the .ini file. This way the security of the script would be improved.

simmonmt commented 3 years ago

FWIW I made this change and a bunch of others (terseness, some cleanup, some just because) in https://github.com/simmonmt/fix-ssh-on-pi. You're welcome to copy them (or not).

kenfallon commented 2 years ago

I am (finally) getting to this. I'm removing the option to have clear text passwords. The hash will be stored in the ini file