Please read Script Templates section in Lighthouse manual https://ftp.opengear.com/download/documentation/manual/current/lighthouse/ and the following article as it explains Script Templates usage, how to upload and apply to specific nodes.
https://opengear.zendesk.com/hc/en-us/articles/115004747366-Configuration-Templating-on-Lighthouse-5
Note: Use the freely available Notepad++ which allows you to save the script with Unix (LF) line endings, not DOS (CRLF) line endings. Ensure any 'single' and "double" quotation marks have not been converted into curly “smart quotes”. Applying scripts with DOS (CRLF) line endings will break node configuration.
The example scripts here is designed to make small changes to existing users or groups on the Nodes. To add local users and groups use the "User and Groups Templates"
Changing root encrypted password
SSH into Lighthouse or a Console Server and generate the MD5 encrypted password. In this case "secret_sauce" is the plain text password to be encrypted.
openssl passwd -1 -salt asdf -stdin
secret_sauce
$1$asdf$OnzUQMt4y4T9d0dYzT8NN/
$1$asdf$KeQl4zDAmDjcWPUOaEMJa/
If you are running firmware 4.10 or later and have enabled SHA-512 please use this syntax. The Console Server cannot run this command but it can be run on Lighthouse or other Linux distribution.
openssl passwd -6 -salt asdf -stdin
secret_sauce
$6$asdf$lsjjYmYNVSIqxfrmsjPvrf7Juc6DNiDg71QShmaSLXQGZT.mWDP6pKqOGFoG509pH4.hf5nWTLqC./tOHKB6N
Edit the file and paste one of the encrypted password inside the single quotes.
#!/bin/bash
prefix=$(config --list-base config.users --list-item-key username --list-get-by-value root | head -n1 | cut -f1-3 -d.)
config -s $prefix.password='$1$asdf$KeQl4zDAmDjcWPUOaEMJa/'
config -r users
Changing root password with plain text password in script
Edit the file and type in the password inside the single quotes.
#!/bin/bash
prefix=$(config --list-base config.users --list-item-key username --list-get-by-value root | head -n1 | cut -f1-3 -d.)
config -s $prefix.plaintext_password='secret_sauce'
config -r users
Disable root account
To disable a different local user edit file and replace "--list-get-by-value root" with "--list-get-by-value john-localadmin"
Related articles below:
https://opengear.zendesk.com/hc/en-us/articles/216371503-Changing-the-default-root-system-password
https://opengear.zendesk.com/hc/en-us/articles/216371303-Managing-local-users-from-the-command-line
Comments
0 comments
Article is closed for comments.