Unencrypted password while updating

I recently activated Suricata on my router (OPNsense).
Today I saw this alert:

ET POLICY Outgoing Basic Auth Base64 HTTP Password detected unencrypted

http hostname|updates.rockstor.com
http url|/rockstor-stable/leap/15.3/repodata/repomd.xml

Do I need to worry now? Is this the root password?
Is this by design?



@dont Hello again.
I can chip in on this one:


No, it’s the Stable repo password for your Appliance ID only.

Yes. We had limited options and it’s akin to the system used by the SLES ‘paid/subscription’ repositories. I.e. zypper basic auth repo access.

The credentials used are stored on your system and used for no other purpose than to access the stable repo. And that repo (in the 15.3 variant) is currently empty at that. But not for long.

If you wanted to avoid this you could temporarily subscribe to testing but not update and ensure you have no auto update in place. And when you fancy jumping to the next stable release subscribe back to stable, do the update, then back to testing and again not update. The testing repo does not use authentication so your regular zypper checks will not involve this credential use.

You may also want to look at our recently revised doc entry on the Web-UI update mechanisms as there is one where you update everything except the ‘rockstor’ package. And currently only the ‘rockstor’ package is hosted in both the testing and stable channels. This didn’t use to be the case but we have managed to keep it this way for our openSUSE version.

Install updates from the Web-UI

To achieve the everything-but-the-rockstor-package update, we simply pin that package during the indicated update mechanism. Then unpin thereafter. In zypper land this is addlock and removelock:

Hope that helps.
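
An added example, not part of the original posts and not Rockstor's own code: a Python check that lists enabled zypper repositories that would send credentials over plain HTTP, which is the condition the Suricata rule in this thread fires on. The repo aliases, hosts and credentials in the sample are constructed, and the thread does not say how Rockstor stores its stable-channel credentials, so both common zypper forms (userinfo in the URL and the `?credentials=` option) are checked as an assumption.

```python
import configparser
from urllib.parse import urlsplit, parse_qs

# Constructed sample in zypper .repo format; aliases, hosts and secrets are made up.
SAMPLE_REPOS = """\
[Example_Stable]
enabled=1
baseurl=http://appliance-id:secret@updates.example.com/stable/leap/15.3

[Example_Testing]
enabled=1
baseurl=http://updates.example.com/testing/leap/15.3

[Example_Tls]
enabled=1
baseurl=https://updates.example.com/stable/leap/15.3?credentials=example_creds

[Example_Disabled]
enabled=0
baseurl=http://user:pw@updates.example.com/old
"""

def cleartext_auth_repos(repo_text):
    """Return (alias, host, how) for enabled repos that authenticate over http://."""
    parser = configparser.RawConfigParser(strict=False)  # no % interpolation
    parser.read_string(repo_text)
    findings = []
    for alias in parser.sections():
        enabled = parser.get(alias, "enabled", fallback="1").strip().lower()
        if enabled in ("0", "false", "no", "off"):
            continue  # disabled repos are not refreshed, so nothing is sent
        for url in parser.get(alias, "baseurl", fallback="").split():
            parts = urlsplit(url)
            if parts.scheme.lower() != "http":
                continue  # with https the Authorization header is inside TLS
            if parts.username or parts.password:
                findings.append((alias, parts.hostname, "userinfo in URL"))
            elif "credentials" in parse_qs(parts.query):
                findings.append((alias, parts.hostname, "credentials file"))
    return findings

if __name__ == "__main__":
    for finding in cleartext_auth_repos(SAMPLE_REPOS):
        print(finding)
```

To audit a real system, pass the contents of each file under `/etc/zypp/repos.d/` to `cleartext_auth_repos` instead of the sample.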


Thank you for the clarification.
I will stay with the stable updates. Everything is working great at the moment, no need for testing 🙂

Have a great Sunday!