Control your user password
The "passwords" configuration option allows you to create or rotate user passwords remotely through automation. This is very important to replace standard passwords and is also very convenient if existing passwords might have become exposed or if service technicians leave the company. Please make sure you insert passwords as hashes.
How to create sha-512 password hashes?
Please refer to your Linux distribution how to create password hashes. On many system this will produce a SHA-512 hash:
mkpasswd -m sha-512 -s
If you do not have mkpasswd installed you can also use this Python3 one liner to create a valid SHA-512 hashed password. This will also work on a Raspberry Pi. The RPI does not have mkpasswd installed as default, but Python3 is available:
python3 -c "import crypt;print(crypt.crypt(input('clear-text pw: '), crypt.mksalt(crypt.METHOD_SHA512)))"
In "Configuration management" menu you find the option to set your different user passwords. This can be done on a device level or group level for multiple devices. Prevent standard user passwords from being deployed in your production environment. Change passwords if service technicians leave to prevent security weaknesses. All this is centrally controlled through the qbee.io backend.
Please note that the passwords need to be inserted as a hash, not a clear text password. This increases security and we do not want to save any clear text passwords on the qbee platform. Depending on what hash you create the password will be set accordingly. We recommend that you use SHA-512 or stronger and not MD-5. Even if you do not know the previous password qbee will overwrite and create a new password. All of this is also logged in the audit log.
If a new user is created and receives a new password this takes two qbee agent runs.
If a new user is added and the user is assigned a password during the same commit it takes two runs of the qbee agent to converge and set the password. Here you will find the user management.
Another practical feature is the button "Registered users". This shows all users in the system.