#1
01-14-2010, 06:56 AM
BrandonH
Hatchling Croc
Join Date: Dec 2009
Posts: 5
Secure storage of plaintext root password

HostGator TOS requires that a current root password be kept on file for VPS and dedicated servers (which is reasonable). The only way to do this is to submit a ticket with the root password in plaintext. Tickets are fully viewable in the ticket system. The security of all VPS and dedicated servers now unnecessarily depends on the security of the ticket system authentication.

A better solution would be a WHM/cPanel addon or a one way drop box with secure submission.
#2
01-15-2010, 12:45 AM
GatorNathon
Management Team
Join Date: Sep 2006
Posts: 24,844
Re: Secure storage of plaintext root password

Quote:
Originally Posted by BrandonH
HostGator TOS requires that a current root password be kept on file for VPS and dedicated servers (which is reasonable). The only way to do this is to submit a ticket with the root password in plaintext. Tickets are fully viewable in the ticket system. The security of all VPS and dedicated servers now unnecessarily depends on the security of the ticket system authentication.

A better solution would be a WHM/cPanel addon or a one way drop box with secure submission.

I believe what you are referring to is this section:

12.) Dedicated Servers
HostGator reserves the right to reset the password on a dedicated server if the password on file is not current so that we may do security audits as required by our datacenter. It is the responsibility of the client to ensure that there is a valid email address and current root password on file for their dedicated server on file to prevent downtime from forced password resets.


Basically, what this is referring to is that if we have to get in to do an investigation and we are intentionally being blocked access, we will do what is needed. We do have SSH keys set up to all servers, so we normally do not need your password at all in tickets.

This typically will not cause any problems for your normal user; it will only cause problems for those abusing our system. It is possible to remove our SSH key and change the password, which is not a big deal, but usually the only people who really want to keep us out that bad are doing something they aren't supposed to. For example, if we receive a complaint that one of our servers is sending out tons of spam, we must get into it as soon as possible to figure out what is going on.

I also do agree this is a great idea and is something we could implement into our new billing system and I'll see what we can do.
#3
01-15-2010, 07:54 AM
BrandonH
Hatchling Croc
Join Date: Dec 2009
Posts: 5
Re: Secure storage of plaintext root password

I only recently found the separate system for VPS billing. You guys are so close to secure root password submission and storage already. The system itself is run over SSL. Only the first few characters of the root password currently on file are displayed. All that's missing is a form to update the password on file.
All times are GMT -5.