New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Aldryic said that that was going to be a feature in Stallion 2; not storing the password in the database. So apparently the code is in place for when the new panel goes live.
If you do set the root pass in Stallion, it will still be stored, so the safer choice is just using
passwd
@u4ia Stallion stores vps passwords?
I am assuming so, every time i reinstall, the root password is the one I originally set in Stallion.
I got a 256 NY! So happy right now. How long does it take to get out of "pending"?
mine was around 5-10 minutes
Did solusvm also store password?
I think so.
Maybe not. When i reinstall os, i need to set a new password via solusvm. I think the default password depend on os template.
date | sha1sum, then copy paste and forget about it.
No that hard to brute force now that you told us ...... 24 x 60 x 60 = 86400
better?
Except if you're in a situation where you can brute force it, you're already on my box, and I've lost anyway.
You also don't seem to understand what 'date' returns.
Not in the default config (which has root login enabled). Also (assuming you are trying to bruteforce VMs set up in the last 3 days) it's 3x24x60x60 = 259,200
Time zone alone guarantees it's at least more complicated than that, but believe what you want. I feel fine using it.
Anyone willing to leave root login enabled over SSH is probably too fucking stupid to care if they have a good root password.
How is the timezone in any way related to this? The password is generated on BuyVM's billing server which always has the same timezone.
Excuse me while I do a victory dance over snagging an NY 128 OVZ.
Reread the discussion. We were talking about changing root passwords after install. Klikli mentioned using md5 on a random string, and I mentioned using date | sha1sum. Being able to crib the brute force depends on knowing the output of the UNIX 'date' command, for which the time zone is, indeed, a factor.
At any rate, another equally valid route is:
I've never seen them stay up this long. Two available in Buffalo and 22 in San Jose as I post this.
uptime | sha1sum would definitely do the trick. You have many factors: load, timestamp, uptime, and number of users
Sorry my bad, i thought the discussion was about how secure the default password BuyVM generates is.
OMG I missed the 128MB in NY.... AGAIN FOR THE SECOND TIME!!!!!
They lasted like 40 minutes, you're gonna have to be faster :P
@jarland thanks for the heads up, I just couldn't reach home in time to get it again, had traffic on the highway trying to get back home to get online ;( Looks like I'll have to take a helicopter next time lol
Has the public release happened yet?
Yes twice today. Next time tomorrow.
There still is some stock
http://doesbuyvmhavestock.com/
this is public release already right?
Is this an alternate universe or something?!
I managed to snag a NY 256 at 7am (sold out quick!), had prepaid visa issues and accnt terminated, then still managed to snag a new one at 4pm. awesome
Someone with a fat internet connection in the states, whats the upload on these VPS look like? I did a wget from speedtest and i got about 18MB/s and only 9ms ping to google.com!
Finally!!! Got a 128 from NY! I can now sleep at night