cc_set_passwords is too short for RANDOM
Bug #1860795 reported by
Dimitri John Ledkov
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cloud-init |
Fix Released
|
Undecided
|
Unassigned | ||
cloud-init (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
PW_SET = (''.join([x for x in ascii_letters + digits
def rand_user_
return util.rand_
len(PW_SET) is 55
log_2(55^20) is 115 bits, which is above 112, which matches the default OpenSSL SECLEVEL=2 setting in focal fossa.
Please bump PW_SET to 20, as 9 is crackable (provides 52 bits of security which is less than SECLEVEL 0).
As I'm about to use this on a mainframe, which by definition can crack that.
Changed in cloud-init (Ubuntu): | |
status: | Fix Committed → In Progress |
To post a comment you must log in.
https:/ /github. com/canonical/ cloud-init/ pull/189