openziti / ziti

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
https://openziti.io
Apache License 2.0

randomize or customize the password for default admin identity #841

Closed qrkourier closed 1 year ago

qrkourier commented 2 years ago

After completing the steps in the run-it-yourself/host-it-anywhere quickstart I have a public controller that accepts the default admin password. This wasn't a problem until recently because the quickstarts only produced private/local controller APIs, but now we need a way to either randomize or customize the default admin user's password. Otherwise, readers following the quickstart will surely deploy vulnerable networks as I did. There is mention of changing the default password in the ZAC quickstart, but it may be missed because it's optional.

qrkourier commented 1 year ago

Related issue about changing the quickstart to split the edge-client and edge-management APIs so that edge-management isn't exposed to the internet: https://github.com/openziti/ziti/issues/850

dmuensterer commented 1 year ago

+1 I was just about to create this exact issue until I found there already was one!

qrkourier commented 1 year ago

I believe that all the quickstarts and examples are using a randomized password now.