CREDS_MSDOS(8) | System Manager's Manual | CREDS_MSDOS(8) |
creds_msdos
—
creds_msdos |
start |
creds_msdos
rc.d script allows automatic addition of
login credentials during boot using a special file found on the MSDOS
partition of a bootable image. This script is not distributed with the normal
system and is only included with pre-installed bootable images. The goal is to
allow remote access of the system without having to edit the primary root file
system (which may not be accessible from the host the image is being written
from), but place this information in the MSDOS partition that most platforms
can easily access.
Typically, an installable image (such as arm64.img) is written to an SD card or similar media, and has both a native FFS partition as well as an MSDOS partition for booting. If this script is enabled and has been pointed at the boot partition it will inspect the file creds.txt for any credentials to be added to the system.
These are the supported options in the credentials files:
In all cases user is the username to be added, and the user will be added to the “wheel” group.
The sshkeyfile method looks in the MSDOS boot partition for the specified file and merges ssh keys from this file into user's ~/.ssh/authorized_keys file.
The sshkey method adds the keystring to the user's ~/.ssh/authorized_keys file.
The useraddpwhash method uses pwhash as the users's password hash.
The above three methods are the preferred methods.
For the useradd method password is an unencrypted raw password that will be hashed and added to the system. This method is not recommended as it leaves unencrypted passwords around until such time that the script runs. If this method is used then the creds.txt file will be shredded and deleted using “rm -P” after the credentials are updated.
creds_msdos
script appeared in
NetBSD 9.0.
June 10, 2019 | NetBSD 9.4 |