
Topic: COM security problem? ssh possible with default credentials


knows_not_much
« on: September 02, 2015, 09:40:10 AM »
Hi, I managed to successfully run com-installer-3.1.2-20150724.021644-17.linux.bin and install the Configuration and Orchestration Manager (COM) v3.1.2 on a Red Hat/CentOS 5 64-bit Linux system.

After first startup of the server I logged into the server's https web interface. There I was presented with the Aura System Manager and the request to change the password for the "admin" user, which I did.

After the change I was still able to ssh into the server using user "admin" with the default password "admin", so obviously the change via the web interface only changes the user credentials in the (web) server context, not for the system user(s).

My questions:

- Is it safe to do a "passwd" from the admin user's shell, or does the COM application depend on the system user "admin" having the default password? E.g., is this the user that can perform the local admin password reset?

- At least the users "admin", "nortel", and "mysql" seem to have been autocreated by the installer and have a login shell according to /etc/passwd. Is it safe and recommended to change their passwords too? Is there any documentation on these users (default credentials, etc.)?

- Any other advice on hardening the COM server without interfering too much with its operation? Restricting ssh access to a single, self-created user account?

Thank you very much & kind regards.
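
An added example, not part of the original post and not taken from the COM product: a shell check that lists which accounts with a login shell in a passwd file sshd would still accept, with and without an AllowUsers line, which is what the second and third questions above turn on. The sample files and the account "opsuser" are constructed; DenyUsers, AllowGroups, PermitRootLogin, wildcard patterns and Match blocks are not evaluated.

```shell
#!/bin/sh
# Added example (not from the post): which local accounts can sshd still accept?

# Accounts whose passwd shell field is a real login shell.
# An empty shell field counts, because login falls back to /bin/sh.
login_shell_users() {
    awk -F: '!/^#/ && NF >= 7 && $7 !~ /(nologin|false|sync|shutdown|halt)$/ { print $1 }' "$1"
}

# Names listed on AllowUsers lines; "user@host" is reduced to "user".
# Simplification: wildcard patterns and Match blocks are not interpreted.
ssh_allowed_users() {
    awk 'tolower($1) == "allowusers" { for (i = 2; i <= NF; i++) { sub(/@.*/, "", $i); print $i } }' "$1"
}

# Login-shell accounts that the given sshd_config does not exclude.
# No AllowUsers line at all means every such account is accepted.
ssh_exposed_users() {
    _allowed=$(ssh_allowed_users "$2")
    login_shell_users "$1" | while read -r _u; do
        if [ -z "$_allowed" ] || printf '%s\n' "$_allowed" | grep -qxF -- "$_u"; then
            printf '%s\n' "$_u"
        fi
    done
}

# Constructed sample files; "opsuser" is a hypothetical self-created account.
write_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
admin:x:500:500::/home/admin:/bin/bash
nortel:x:501:501::/home/nortel:/bin/bash
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
opsuser:x:502:502::/home/opsuser:/bin/bash
EOF
    printf 'Port 22\n#AllowUsers nobody\n' > "$1/sshd_default"
    printf 'Port 22\nAllowUsers opsuser\n' > "$1/sshd_restricted"
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir"
echo "default sshd_config:"
ssh_exposed_users "$demo_dir/passwd" "$demo_dir/sshd_default"
echo "with AllowUsers opsuser:"
ssh_exposed_users "$demo_dir/passwd" "$demo_dir/sshd_restricted"
rm -rf "$demo_dir"
```

On a real host the two arguments would be /etc/passwd and /etc/ssh/sshd_config; the output says nothing about whether an account's password is still the installer default.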