[mythtvnz] Default Passwords
Nick Rout
nick.rout at gmail.com
Fri Jun 1 23:47:03 BST 2012
On Sat, Jun 2, 2012 at 10:26 AM, tortise <tortise at paradise.net.nz> wrote:
> On 2/06/2012 10:13 a.m., Nick Rout wrote:
>>
>> On Sat, Jun 2, 2012 at 9:54 AM, tortise<tortise at paradise.net.nz> wrote:
>>>
>>> I've noted a post that contained a my_th_tv password (obfus_cation
>>> intended)
>>> that I'd seen before. A quick Googling confirmed this observation. I had
>>> assumed that the passwords used by the my_th_tv backend were randomly
>>> generated however it appears that is not the case. It maybe that they are
>>> specified per my_th_bu_ntu version, or some other schema? If I am correct
>>> anyone wishing any degree of security on their my_th_tv box (which I
>>> think
>>> means those who expose it to the web) should change the default password.
>>> Is
>>> this correct? Can anyone expand on this?
>>
>>
>> the ubuntu package mythtv-common creates a random password - see the
>> postinst script. Specifically this line
>>
>> mythtv_password="$(pwgen -s 8)"
>
>
> Hmmm Try
>
> https://www.google.co.nz/search?q=C1RFOKlE&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-a
>
> If it were random why does that password find many seemingly independent
> mythtv situations? Perhaps it reflects older practice and the hole has been
> plugged more recently? I think you're running 12.04 now Nick?
>
I can't explain that at all.
I am running 10.04 with 0.24-fixes. Long weekend - might upgrade to
0.25-fixes, but not sure if I want to go to 12.04 or stick to 10.04.
I do have a 12.04-rc install on a usb stick, which I have successfully
run on a laptop and a revo frontend.
I see major bugs being eliminated in 0.25 so it might be time to go for it soon.
More information about the mythtvnz
mailing list