• Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login
  • Recent
  • Unsolved
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Register
  • Login

Export Host File- Plain Text Password

Scheduled Pinned Locked Moved Solved
Bug Reports
2
3
448
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L
    LJedi
    last edited by Mar 7, 2019, 4:27 PM

    Version 1.5.5

    I have notice that when I export the host to a CSV file, the password that is used to join them to the domain is in plain text and not encrypted (possible bug?). I know that in previous version of Fog, the password was encrypted in the CSV file and not in plain text.

    1 Reply Last reply Reply Quote 0
    • T
      Tom Elliott
      last edited by Mar 7, 2019, 4:30 PM

      This encrypted form of the password has since been removed.

      There’s multiple reasons for this, and the quickest reasoning was the encrypted form of the password contained both the IV and Passcode used to decrypt it in the first place. It looked confusing, but ultimately it had no better security than being in plain text. That and it added complexity to the base code, by having to encrypt, and before sending to the fog client being decrypted and reencrypted.

      As the data is passed only between the client and the server in an encrypted format of which the encryption password changes every 30 minutes, having it encrypt->decrypt->encrypt didn’t add any value either.

      This is intentional.

      Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

      L 1 Reply Last reply Mar 7, 2019, 5:39 PM Reply Quote 0
      • L
        LJedi @Tom Elliott
        last edited by Mar 7, 2019, 5:39 PM

        @Tom-Elliott Thanks for the information.

        1 Reply Last reply Reply Quote 0
        • 1 / 1
        1 / 1
        • First post
          3/3
          Last post

        177

        Online

        12.0k

        Users

        17.3k

        Topics

        155.2k

        Posts
        Copyright © 2012-2024 FOG Project