From c32bd2c7098d9b1a70dda272b90dcabfa00e3c28 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Thu, 19 Sep 2024 17:32:22 +0200
Subject: [PATCH] Generate random root password instead of using admin password

---
 bin/v-commander | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/bin/v-commander b/bin/v-commander
index f6a9cf7d..834fb38b 100644
--- a/bin/v-commander
+++ b/bin/v-commander
@@ -535,11 +535,11 @@ do
         echo "--- New settings ---"
         grep '^PermitRoot' /etc/ssh/sshd_config
         echo "--------------------"
-        adminline=$(grep '^admin:' /etc/shadow)
-        adminline=${adminline:6}
-        adminline="root:$adminline"
-        sed -i "s#^root:.*#$adminline#" /etc/shadow
-        echo "root password is now the same as admin password."
+        root_password=$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32)
+        hashed_root_password=$(openssl passwd -6 "$root_password")
+        sed -i "s#^root:.*#root:$hashed_root_password#" /etc/shadow
+        echo "Root password is now a new random password."
+        echo "New root password: $root_password"
         echo "--------------------"
         grep '^root:' /etc/shadow
         grep '^admin:' /etc/shadow
@@ -549,7 +549,6 @@ do
         echo "--------------------"
     fi
 
-
     if [ "$answer" = 'r' ] || [ "$answer" = 'R' ]; then
         echo "============================="
         echo "== Rebooting the server"