1.\" $NetBSD: creds_msdos.8,v 1.2 2021/12/11 19:24:19 mrg Exp $ 2.\" 3.\" Copyright (c) 2019 Matthew R. Green 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 20.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 21.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 22.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 23.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.Dd June 10, 2019 28.Dt CREDS_MSDOS 8 29.Os 30.Sh NAME 31.Nm creds_msdos 32.Nd automatically add login credentials from MSDOS partition 33.Sh SYNOPSIS 34.Nm 35.Ar start 36.Sh DESCRIPTION 37The 38.Nm 39rc.d script allows automatic addition of login credentials during boot 40using a special file found on the MSDOS partition of a bootable image. 41This script is not distributed with the normal system and is only 42included with pre-installed bootable images. 43The goal is to allow remote access of the system without having to 44edit the primary root file system (which may not be accessible from 45the host the image is being written from), but place this information 46in the MSDOS partition that most platforms can easily access. 47.Pp 48Typically, an installable image (such as 49.Pa arm64.img ) 50is written to an SD card or similar media, and has both a native FFS 51partition as well as an MSDOS partition for booting. 52If this script is enabled and has been pointed at the boot partition 53it will inspect the file 54.Pa creds.txt 55for any credentials to be added to the system. 56.Pp 57These are the supported options in the credentials files: 58.Bl -tag -compact -width "sshkeyfilepl" -offset indent 59.It Sy sshkeyfile Ar user Ar keyfile 60.It Sy sshkey Ar user Ar keystring 61.It Sy useraddpwhash Ar user Ar pwhash 62.It Sy useradd Ar user Ar password 63.El 64.Pp 65In all cases 66.Ar user 67is the username to be added, and the user will be 68added to the 69.Dq wheel 70group. 71.Pp 72The sshkeyfile method looks in the MSDOS boot partition for 73the specified file and merges ssh keys from this file into 74.Ar user Ap s 75.Pa ~/.ssh/authorized_keys 76file. 77.Pp 78The sshkey method adds the 79.Ar keystring 80to the 81.Ar user Ap s 82.Pa ~/.ssh/authorized_keys 83file. 84.Pp 85The useraddpwhash method uses 86.Ar pwhash 87as the 88.Ar users Ap s 89password hash. 90.Pp 91The above three methods are the preferred methods. 92.Pp 93For the useradd method 94.Ar password 95is an unencrypted raw password that will be hashed and added to the system. 96This method is not recommended as it leaves unencrypted passwords 97around until such time that the script runs. 98If this method is used then the 99.Pa creds.txt 100file will be shredded and deleted using 101.Dq rm -P 102after the credentials are updated. 103.Sh FILES 104.Pa /boot/creds.txt 105.Sh SEE ALSO 106.Xr pwhash 1 , 107.Xr rm 1 , 108.Xr ssh 1 , 109.Xr ssh_config 5 , 110.Xr mount_msdos 8 , 111.Xr sshd 8 , 112.Xr useradd 8 113.Sh HISTORY 114The 115.Nm 116script appeared in 117.Nx 9.0 . 118.Sh AUTHORS 119.An Matthew R. Green Aq Mt mrg@eterna.com.au . 120