FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

imx8 | root and user password issue

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

imx8 | root and user password issue

‎01-31-2023 09:11 AM
2,130 Views
shai_b
Senior Contributor II

Hello Team,

My customer is going into mass production and he would like to have one master 'root' password for all their devices.

By default, the login on "root" is enabled on yocto, to enable quicker development and debugging.

This feature is enabled by setting the flag "debug-tweaks" in local.conf file in yocto build.

The exact line looks like this:

EXTRA_IMAGE_FEATURES ?= "debug-tweaks"

The way to add a password according to yocto is:

firstly to comment out the 'debug-tweaks' flag, so the yocto does not force an empty root password, and it is expected from the developer to provide one

secondly is to provide a password and/or other users into the image like this:
INHERIT += "extrausers"
EXTRA_USERS_PARAMS = "usermod -p '$(openssl passwd TEST1234)' root;"

Please find the customer inquiries below:

1) With the above configuration, we have a working root password but is limited to only 8 characters,

Please advise back on how to overcome the characters limitation in log-in password on the?

2) also with the method above we are forced to change the password of root when we log-in to the system for the first time.

Please advise how we can avoid from the system to request changing the password when login to the system for the first time?

 

Waiting for your kind feedback, Thanks a lot.

KR,

Shai

Tags (1)
0 Kudos
Reply
6 Replies

‎02-03-2023 09:32 AM
2,102 Views
hector_delgado
NXP TechSupport
NXP TechSupport

Hi @shai_b ,

I hope you're having a great day. Could you let us know the Yocto version as well as de BSP version your client is using?

Best regards,
Hector.

0 Kudos
Reply

‎02-08-2023 06:51 AM
2,073 Views
shai_b
Senior Contributor II
@hector Hello,

There is any update?
I am still waiting for your kind feedback.
Thanks in advance
KR,
Shai
0 Kudos
Reply

‎02-09-2023 05:21 PM
2,056 Views
hector_delgado
NXP TechSupport
NXP TechSupport

Hi @shai_b ,

I'm currently reviewing this case, sorry for the delay.

Best regards,
Hector.

0 Kudos
Reply

‎02-13-2023 12:27 AM
2,014 Views
shai_b
Senior Contributor II

@hector_delgado Hello,

There is any news?

Kind regards,

Shai

0 Kudos
Reply

‎02-15-2023 11:27 AM
1,991 Views
hector_delgado
NXP TechSupport
NXP TechSupport

Hi @shai_b ,

I hope you're doing well. Has your customer tried another form of encryption for the password? For example, the Yocto documentation uses the following as an example:

mkpasswd -m sha256crypt tester01

Which it's result ends up assigned to a variable and then to the specific user:

inherit extrausers
PASSWD = "\$X\$ABC123\$A-Long-Hash"
EXTRA_USERS_PARAMS = "\
    useradd -p '${PASSWD}' root; 
    "

 I'd also like to add the following warning mentioned in the documentation:

"NOTE: From a security perspective, hardcoding a default password is not generally a good idea or even legal in some jurisdictions. It is recommended that you do not do this if you are building a production image."

Let me know if this information was helpful.

Best regards,
Hector,

0 Kudos
Reply

‎02-04-2023 04:55 AM
2,090 Views
shai_b
Senior Contributor II

@hector_delgado ,

The Yocto release is "Honister" (kernel v5.15.5), used for imx8mm-evk image.

Waiting for your kind feedback, Thanks a lot.

KR,

Shai

0 Kudos
Reply