Answered

Script to change the admin password

9 years ago • updated by 8 years ago • 3

Hi Ubooquity

We are using Ubooquity in our company since today. We have a policy to change passwords regularly.

Is it possible to provide a script to change the admin password from bash (Debian)?

Is webadmin.cred the hashed/encrypted value of the admin password ? What value needs to be stored in webadmin.cred ? What is the algorithm ?

Kind regards

Stefaan Neyts

Vote

Replies 3
Oldest first
- Newest first
- Oldest first

Answered

9 years ago

The content of the webadmin.cred file is generated with:

hex_hmac_sha256(<PASSWORD>, SERVER_SALT)

where

<PASSWORD> is your password (UTF-8 encoded)
SERVER_SALT
is the following string (UTF-8 encoded):
```
d0809793df2c3be1a77a229781cfe1cdb1a2a    
```
hex_hmac_sha256 is a method provided by the this library

Basically, the HMAC of the password is calculated using the provided salt (using SHA256 as hash function), and the resulting byte array is converted to hexadecimal (hence the "hex_").

Theses are standard functions, which are widely used. Doing the same in a bash script should not be too difficult.

8 years ago

I'm trying to do this as well. I looked at the Stackoverflow thread, but it does not say anything about a salt, neither could I find anything about this elsewhere. I tried this:

echo -n "value" | openssl dgst -sha256 -hmac "key"

but it gives the wrong hash. How should I compute the hash in bash using the specified salt?

8 years ago

I found a way using node.js and the script you referred to:

SHA_256_JS=/path/to/script/sha256.js
if ! grep -q 'console.log' ${SHA_256_JS} ; then
  echo "console.log(hex_hmac_sha256(process.argv[2], process.argv[3]));" >> ${SHA_256_JS}
fi
node ${SHA_256_JS} ${MEDIA_PASSWD} d0809793df2c3be1a77a229781cfe1cdb1a2a > /opt/ubooquity/webadmin.cred
chown $UBOOQUITY_USER:$UBOOQUITY_USER /opt/ubooquity/webadmin.cred

Customer support service by UserEcho