• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Export Host File- Plain Text Password

    Scheduled Pinned Locked Moved Solved
    Bug Reports
    2
    3
    324
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      LJedi
      last edited by

      Version 1.5.5

      I have notice that when I export the host to a CSV file, the password that is used to join them to the domain is in plain text and not encrypted (possible bug?). I know that in previous version of Fog, the password was encrypted in the CSV file and not in plain text.

      1 Reply Last reply Reply Quote 0
      • Tom ElliottT
        Tom Elliott
        last edited by

        This encrypted form of the password has since been removed.

        There’s multiple reasons for this, and the quickest reasoning was the encrypted form of the password contained both the IV and Passcode used to decrypt it in the first place. It looked confusing, but ultimately it had no better security than being in plain text. That and it added complexity to the base code, by having to encrypt, and before sending to the fog client being decrypted and reencrypted.

        As the data is passed only between the client and the server in an encrypted format of which the encryption password changes every 30 minutes, having it encrypt->decrypt->encrypt didn’t add any value either.

        This is intentional.

        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG! Get in contact with me (chat bubble in the top right corner) if you want to join in.

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        L 1 Reply Last reply Reply Quote 0
        • L
          LJedi @Tom Elliott
          last edited by

          @Tom-Elliott Thanks for the information.

          1 Reply Last reply Reply Quote 0
          • 1 / 1
          • First post
            Last post

          196

          Online

          11.6k

          Users

          17.1k

          Topics

          154.6k

          Posts
          Copyright © 2012-2024 FOG Project