hide default password that's stored in plaintext in this repository - Githubissues

sunrisemovement / devops

This repo is obsolete. A maintained version of this code lives at https://github.com/maximum-ethics/linode-caddy

GNU Affero General Public License v3.0

2 stars 1 forks source link

hide default password that's stored in plaintext in this repository #6

Open skyfaller opened 4 years ago

skyfaller commented 4 years ago

linode_create.yml currently has a default user password visible in plaintext in this repository. There are two barriers preventing a bad actor from exploiting this:

The villain would need a user's private ssh key, since we've disabled password-based login.
We require users to change their passwords the first time they log in, so the default password should only work on a user account that has never logged in.

That said, this is terrible practice, and we should:

encrypt the password in a vault
consider storing the password in the ansible hosts directory, rather than in our repository