From 5c4425ec543adbbadb4b02b8b98dd4b54c9124ac Mon Sep 17 00:00:00 2001
From: Shivaram Lingamneni <slingamn@cs.stanford.edu>
Date: Sun, 24 May 2020 18:00:58 -0400
Subject: [PATCH] switch to nothing-up-my-sleeve example password hashes

---
 conventional.yaml     | 4 ++--
 distrib/docker/run.sh | 2 +-
 oragono.yaml          | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/conventional.yaml b/conventional.yaml
index d6d1db79..fe3e5bbb 100644
--- a/conventional.yaml
+++ b/conventional.yaml
@@ -152,7 +152,7 @@ server:
             fingerprint: "abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789"
 
             # password the gateway uses to connect, made with oragono genpasswd
-            password: "$2a$04$sLEFDpIOyUp55e6gTMKbOeroT6tMXTjPFvA0eGvwvImVR9pkwv7ee"
+            password: "$2a$04$abcdef0123456789abcdef0123456789abcdef0123456789abcde"
 
             # addresses/CIDRs that can use this webirc command
             # you should also add these addresses to the connection limits and throttling exemption lists
@@ -589,7 +589,7 @@ opers:
         # or by certificate fingerprint, or both. if a password hash is set, then a
         # password is required to oper up (e.g., /OPER dan mypassword). to generate
         # the hash, use `oragono genpasswd`.
-        password: "$2a$04$LiytCxaY0lI.guDj2pBN4eLRD5cdM2OLDwqmGAgB6M2OPirbF5Jcu"
+        password: "$2a$04$0123456789abcdef0123456789abcdef0123456789abcdef01234"
 
         # if a SHA-256 certificate fingerprint is configured here, then it will be
         # required to /OPER. if you comment out the password hash above, then you can
diff --git a/distrib/docker/run.sh b/distrib/docker/run.sh
index 280abab9..f049dd47 100644
--- a/distrib/docker/run.sh
+++ b/distrib/docker/run.sh
@@ -11,7 +11,7 @@ if [ ! -f "/ircd/ircd.yaml" ]; then
     OPERPASS=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c20)
     echo "Oper username:password is admin:$OPERPASS"
     ENCRYPTEDPASS=$(echo "$OPERPASS" | /ircd-bin/oragono genpasswd)
-    ORIGINALPASS='\$2a\$04\$LiytCxaY0lI.guDj2pBN4eLRD5cdM2OLDwqmGAgB6M2OPirbF5Jcu'
+    ORIGINALPASS='\$2a\$04\$0123456789abcdef0123456789abcdef0123456789abcdef01234'
 
     awk "{gsub(/password: \\\"$ORIGINALPASS\\\"/,\"password: \\\"$ENCRYPTEDPASS\\\"\")}1" /tmp/ircd.yaml > /tmp/ircd2.yaml
 
diff --git a/oragono.yaml b/oragono.yaml
index 6eacba13..36ff46cf 100644
--- a/oragono.yaml
+++ b/oragono.yaml
@@ -178,7 +178,7 @@ server:
             fingerprint: "abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789"
 
             # password the gateway uses to connect, made with oragono genpasswd
-            password: "$2a$04$sLEFDpIOyUp55e6gTMKbOeroT6tMXTjPFvA0eGvwvImVR9pkwv7ee"
+            password: "$2a$04$abcdef0123456789abcdef0123456789abcdef0123456789abcde"
 
             # addresses/CIDRs that can use this webirc command
             # you should also add these addresses to the connection limits and throttling exemption lists
@@ -615,7 +615,7 @@ opers:
         # or by certificate fingerprint, or both. if a password hash is set, then a
         # password is required to oper up (e.g., /OPER dan mypassword). to generate
         # the hash, use `oragono genpasswd`.
-        password: "$2a$04$LiytCxaY0lI.guDj2pBN4eLRD5cdM2OLDwqmGAgB6M2OPirbF5Jcu"
+        password: "$2a$04$0123456789abcdef0123456789abcdef0123456789abcdef01234"
 
         # if a SHA-256 certificate fingerprint is configured here, then it will be
         # required to /OPER. if you comment out the password hash above, then you can