From 751964aa1fbd958fafccbe04b6dcb0c8c150f862 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Guitaut?= Date: Thu, 10 Sep 2015 00:19:48 +0200 Subject: [PATCH] Use openssl rand to generate password It should be more secure than hashing the current time. --- commands | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/commands b/commands index 02d4690..f730410 100755 --- a/commands +++ b/commands @@ -27,8 +27,8 @@ case "$1" in mkdir -p "$SERVICE_ROOT" || dokku_log_fail "Unable to create service directory" mkdir -p "$SERVICE_ROOT/data" || dokku_log_fail "Unable to create service data directory" - rootpassword=$(date +%s | sha256sum | base64 | head -c 16) - password=$(date +%s | sha256sum | base64 | head -c 16) + rootpassword=$(openssl rand -hex 16) + password=$(openssl rand -hex 16) echo "$rootpassword" > "$SERVICE_ROOT/ROOTPASSWORD" echo "$password" > "$SERVICE_ROOT/PASSWORD" touch "$LINKS_FILE"