OpenDaylight JIRA https://jira.opendaylight.org This file is an XML representation of an issue en-us 8.20.10 820010 22-06-2022 [AAA-1] Default admin credentials are very dangerous from a security perspective https://jira.opendaylight.org/browse/AAA-1 aaa <p>Opendaylight has default admin credentials (admin/admin). This is dangerous from a security perspective, as many users will never change the defaults. Users should be prompted to set the default admin password at install time.</p> <p>Operating System: Linux<br/> Platform: PC</p> AAA-1 Default admin credentials are very dangerous from a security perspective Bug Resolved Won't Do Unassigned David Jorm Mon, 7 Apr 2014 03:48:14 +0000 Thu, 21 Mar 2019 11:56:49 +0000 Wed, 16 Dec 2015 16:43:14 +0000 General 0 5 <p>Moving to aaa, since config uses aaa for credentials management.</p> <p>AFAIK there is no installer for Opendaylight, beyond the tar-ball.<br/> Clearly the defaults are there to facilitate an admin user who is meant to change the admin credentials. We can have no defaults, but that's hardly any improvement.</p> <p>Bottom line: This appears to be a good feature request for an ODL installer project, and not an AAA bug.</p> <p>This falls under the realm of an installer project. There is no sane way to do this as part of the AAA project.</p> <p>The closest thing ODL upstream has to an installer atm are the deployment tools provided by Integration/Packaging. I'm not sure we could "prompt" the user at install time, but we might be able to expose the defaults to higher layers where they are more likely to get attention.</p> <p><a href="https://wiki.opendaylight.org/view/Deployment" class="external-link" target="_blank" rel="nofollow noopener">https://wiki.opendaylight.org/view/Deployment</a><br/> <a href="https://github.com/dfarrell07/puppet-opendaylight" class="external-link" target="_blank" rel="nofollow noopener">https://github.com/dfarrell07/puppet-opendaylight</a><br/> <a href="https://github.com/dfarrell07/ansible-opendaylight" class="external-link" target="_blank" rel="nofollow noopener">https://github.com/dfarrell07/ansible-opendaylight</a></p> Development External issue ID 668 External issue URL Rank 0|i023hj: