Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func HandleCredentials
func HandleCredentials(cfgSteps steps.ConfigSteps)
Determines the unit's credentials and stores them securely. Sets the IPMI/BIOS password using an out-of-band (OOB) tool.
func RequestShellPassword
func RequestShellPassword()
Asks the user to input the shell password and compares it to the stored password. Reboots if they do not match; it ONLY returns if the password matches.
Types
type Stasher
type Stasher interface {
	//set serial number, recovery volume, etc
	SetUnit(unit common.Unit)
	//called immediately after mfg data is parsed
	SetData(common.StashData)
	// Determine unit credentials, store securely. Sets IPMI/BIOS pw
	// using an OOB tool.
	HandleCredentials(cfgSteps steps.ConfigSteps)
	//Stores other secrets.
	Mfg()
	//Returns OS Password.
	ReadOSPass() (string, error)
	//Returns BIOS Password.
	ReadBiosPass() (string, error)
	//Returns IPMI Password.
	ReadIPMIPass() (string, error)
	// Asks user to input shell password. Compares to stored pw. Reboots if no
	// match - ONLY returns if password matches.
	RequestShellPassword()
}
Stasher securely stores secrets and allows agonizing abominable alliteration. It stores things such as keys, certificates, and passwords on the unit. Where these things come from is implementation-defined: they could come from a local CSPRNG, an external server, etc.
Stasher must be able to write all secrets locally, but passwords are the only type of secret that this interface supports reading. Reading passwords is necessary so that they can be set and so that out-of-band changes (i.e. IPMI, BIOS) can be made.
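The following is an added example, not this package's implementation, of the compare-or-reboot contract documented for RequestShellPassword, using a constant-time comparison and failing closed when the stored password cannot be read. The names requestShellPassword, passwordMatches, readPass and reboot are hypothetical; readPass has the same signature as the interface's Read*Pass methods, and the injected reboot hook plus the boolean return exist only so the behaviour can be observed without rebooting.

```go
package main

import (
	"bufio"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"io"
	"strings"
)

// passwordMatches compares the entered and stored passwords in constant time.
// Hashing both first yields equal-length inputs, so the comparison time does
// not depend on the password's length or on where the first mismatch occurs.
func passwordMatches(entered, stored string) bool {
	e := sha256.Sum256([]byte(entered))
	s := sha256.Sum256([]byte(stored))
	return subtle.ConstantTimeCompare(e[:], s[:]) == 1
}

// requestShellPassword (hypothetical) reads one line from in, compares it to
// the value returned by readPass, and calls reboot on any failure. It returns
// true only when the entered password matched.
func requestShellPassword(in io.Reader, readPass func() (string, error), reboot func()) bool {
	stored, err := readPass()
	if err != nil || stored == "" {
		reboot() // fail closed: an unreadable or empty stored password never grants a shell
		return false
	}
	line, err := bufio.NewReader(in).ReadString('\n')
	if err != nil && line == "" { // input closed before anything was typed
		reboot()
		return false
	}
	if !passwordMatches(strings.TrimRight(line, "\r\n"), stored) {
		reboot()
		return false
	}
	return true
}

func main() {
	stored := func() (string, error) { return "constructed-sample-pw", nil } // constructed value
	reboot := func() { fmt.Println("mismatch: a real unit would reboot here") }
	fmt.Println(requestShellPassword(strings.NewReader("wrong\n"), stored, reboot))
	fmt.Println(requestShellPassword(strings.NewReader("constructed-sample-pw\n"), stored, reboot))
}
```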