oehrlis
commented
1 year ago All legacy default passwords have no be removed. Passwords will be dynamically generated during installation if not specified by the user. To generate password pwgen is used when available. Otherwise the scripts do fallback to /dev/urandom. All generated passwords have a defaultlenght of 15 characters / number / specialcharacters
The code contains a set of default values for passwords. However, all passwords are created dynamically when the configuration is set up. Nevertheless, these default values lead to false/positive messages during security scans and must be removed.