sched/nsh: Remove Hard-coded Default Password#18715
sched/nsh: Remove Hard-coded Default Password#18715Abhishek-2808 wants to merge 3 commits intoapache:masterfrom
Conversation
|
@acassis Please check this PR. Note: This PR is a re-submission of a previously approved PR. The original PR became inaccessible because my GitHub account was mistakenly flagged and is under manual review. Recreating it here with the same changes for review and merge. |
github-actions
bot
added
Area: Build system
Size: XL
|
@Abhishek-2808 some suggestions: Improve the error message to help the user to find where to fix the password: This PR is a breaking change, so, please include "!" before the commit title and include a Breaking Changes in the commit message, read https://nuttx.apache.org/docs/latest/contributing/guide.html for more info about it. Since NuttX is a POSIX and Unix-like system, I think it make more sense to use the "root" username instead of "admin". So change the saved username from "admin" to "root" (you can keep the Admin name in the menuconfig. @linguini1 @cederom do you agree? |
Thanks Alan, yes we may switch to Thanks for requesting breaking change mark! :-) update: I have just asked on dev@ :-) |
Introduce mkpasswd, a pure-C host tool for generating encrypted password
files at build time using TEA encryption. This enables secure,
credential-free firmware images while allowing build-time password
configuration.
Changes:
* Add mkpasswd.c host tool for TEA-based password hashing and encryption
* Integrate mkpasswd into Make build system (tools/Makefile.host)
* Add CMake support for mkpasswd compilation and ROMFS passwd generation
* Add CONFIG_BOARD_ETC_ROMFS_PASSWD_* configuration options to Kconfig
* Implement credential exclusion from defconfig to prevent password leaking
* Update savedefconfig.cmake to strip sensitive credentials
* Fix mkdir() portability for Windows Native builds (CONFIG_WINDOWS_NATIVE)
* Change default username from "admin" to "root" (POSIX convention)
* Improve build-failure error message with full menuconfig navigation path
BREAKING CHANGE: Boards enabling CONFIG_BOARD_ETC_ROMFS_PASSWD_ENABLE
must set CONFIG_BOARD_ETC_ROMFS_PASSWD_PASSWORD to a non-empty string
of at least 8 characters. The build now fails with an explicit error if
this config is left empty. To fix: run 'make menuconfig' and navigate to:
Board Selection --->
Auto-generate /etc/passwd at build time --->
Admin password
Signed-off-by: Abhishek Mishra <mishra.abhishek2808@gmail.com>
Abhishek-2808
force-pushed
the
Issue-16822
branch
from
3a68c0b to
171d80b
Compare
Abhishek-2808
requested review from
Ouss4,
anchao,
btashton,
fdcavalcanti,
jerpelea,
raiden00pl,
tmedicci,
xiaoxiang781216 and
yamt
as code owners
|
@acassis, That's a very good catch!!! I have updated the PR to make root instead of admin as many folks including me liked this idea... |
acassis
left a comment
acassis
left a comment
There was a problem hiding this comment.
@Abhishek-2808 I found many please where "admin" still used, please double check if there are more places
| USERNAME: admin | ||
| PASSWORD: Administrator | ||
| * ``CONFIG_BOARD_ETC_ROMFS_PASSWD_ENABLE=y`` | ||
| * ``CONFIG_BOARD_ETC_ROMFS_PASSWD_USER`` (default: ``admin``) |
There was a problem hiding this comment.
Good catch! fixed this in the latest commit, please check.
| nsh> cat /etc/passwd | ||
| admin:8Tv+Hbmr3pLVb5HHZgd26D:0:0:/ | ||
| CONFIG_BOARD_ETC_ROMFS_PASSWD_ENABLE=y | ||
| CONFIG_BOARD_ETC_ROMFS_PASSWD_USER (default: admin) |
| admin:8Tv+Hbmr3pLVb5HHZgd26D:0:0:/ | ||
| * ``CONFIG_BOARD_ETC_ROMFS_PASSWD_ENABLE=y`` | ||
| * ``CONFIG_NSH_CONSOLE_LOGIN=y`` (required, otherwise login is not enforced) | ||
| * ``CONFIG_BOARD_ETC_ROMFS_PASSWD_USER`` (default: ``admin``) |
|
|
||
| $ ./nuttx | ||
| NuttShell (NSH) NuttX-<version> | ||
| nsh login: admin |
Abhishek-2808
force-pushed
the
Issue-16822
branch
from
171d80b to
a8cb42b
Compare
Migrate boards from static /etc/passwd files to build-time generation:
* Remove static etc/passwd files from SIM and ESP32-C3-legacy boards
* Update board configurations to enable BOARD_ETC_ROMFS_PASSWD_ENABLE
* Configure SIM board with login demo user (root/Administrator)
* Update board build rules to use newly generated passwd files
* Remove CMakeLists.txt dependency on static passwd in SIM
* Update MOTD string from username=admin to username=root
This completes the infrastructure migration for boards supporting
login functionality.
BREAKING CHANGE: The static etc/passwd files have been removed from
boards/sim/sim/sim/src/etc/passwd
boards/risc-v/esp32c3-legacy/esp32c3-legacy-devkit/src/etc/passwd
These boards now require CONFIG_BOARD_ETC_ROMFS_PASSWD_ENABLE=y and a
configured password. Any board carrying a custom static passwd file must
set RCRAWS to exclude etc/passwd and manage credentials via the new
Kconfig options or provide their own passwd generation. To fix: run
'make menuconfig' and navigate to:
Board Selection --->
Auto-generate /etc/passwd at build time --->
Admin password
Signed-off-by: Abhishek Mishra <mishra.abhishek2808@gmail.com>
Document the new mkpasswd-based password generation system and its integration with the build process. Changes: * Add comprehensive mkpasswd tool documentation to components/tools * Update SIM board docs to explain generated passwd workflow * Update ESP32-C3-legacy board docs for passwd generation * Update RX65N board docs with credential handling guidance * Document how to configure and use BOARD_ETC_ROMFS_PASSWD_* options * Explain security benefits of build-time generation vs static files * Update all doc examples from default username "admin" to "root" BREAKING CHANGE: Boards using static /etc/passwd files in ETC_ROMFS must migrate to the new build-time generation workflow documented in Documentation/components/tools/index.rst. The old static passwd files are no longer present in migrated boards; boards that relied on them will fail to build until credentials are configured via Kconfig. Signed-off-by: Abhishek Mishra <mishra.abhishek2808@gmail.com>
Abhishek-2808
force-pushed
the
Issue-16822
branch
from
a8cb42b to
40faaf6
Compare
5 participants
Summary
This PR introduces build-time generation of the
/etc/passwdfile for the ROMFS image when authentication is enabled.Instead of relying on a static etc/passwd file embedded in the source tree, the passwd entry is now generated during the build using the configuration values:
CONFIG_ETC_ROMFS_PASSWD_USERCONFIG_ETC_ROMFS_PASSWD_PASSWORDCONFIG_ETC_ROMFS_PASSWD_UIDCONFIG_ETC_ROMFS_PASSWD_GIDCONFIG_ETC_ROMFS_PASSWD_HOMEThe generated passwd entry is written into the ROMFS staging directory and included in the firmware image.
Behavior
Authentication disabled
Authentication enabled
/etc/passwdautomatically.Password missing
CONFIG_ETC_ROMFS_GENPASSWD=ybut the password is empty, the build fails with an explicit error.This ensures that credentials are always explicitly configured when authentication is enabled and prevents firmware images from being built with empty passwords.
Security Improvement
Previously /etc/passwd could be included as a static file in the ROMFS source tree.
With this change, the credentials are generated at build time and must be explicitly configured, avoiding implicit or default credentials in firmware images.
Testing
General passwd entry
Plaintext passwd check
Build failure when passwd is empty
