Let people know that Bacula passwords are plain text and are not generated

though any special magic process.  We're getting this question more often
now.

diff --git a/docs/manual/configure.tex b/docs/manual/configure.tex
index 81b85b37a9eb1be2981cd062bc264050c9eaca92..1efaf4eb0b81b2cbf38be044ed6d47b27f13b2ae 100644 (file)
--- a/docs/manual/configure.tex
+++ b/docs/manual/configure.tex
@@ -348,7 +348,9 @@ you need not worry about creating all these kinds of resources from scratch.
 
 In order for one daemon to contact another daemon, it must authorize itself
 with a password. In most cases, the password corresponds to a particular name,
-so both the name and the password must match to be authorized. 
+so both the name and the password must match to be authorized. Passwords are
+plain text, any text.  They are not generated by any special process; just
+use random text.
 
 The default configuration files are automatically defined for correct
 authorization with random passwords. If you add to or modify these files, you

diff --git a/docs/manual/dirdconf.tex b/docs/manual/dirdconf.tex
index 3a201e7ecbb7ad24e7bfb1aa3c0e90ba67c5d326..94174abdd23691324917cca617361a2f8b83d4dd 100644 (file)
--- a/docs/manual/dirdconf.tex
+++ b/docs/manual/dirdconf.tex
@@ -125,6 +125,9 @@ in the  graphical user interface. This directive is optional.
    process, otherwise it will be left blank and you must manually supply
    it.
 
+   The password is plain text.  It is not generated through any special
+   process.
+
 \item [Messages = \lt{}Messages-resource-name\gt{}]
    \index[dir]{Messages}
    \index[dir]{Directive!Messages}
@@ -1984,6 +1987,9 @@ console run command.  This directive is required.
    Bacula will generate a random  password during the configuration process,
    otherwise it will  be left blank. 
 
+   The password is plain text.  It is not generated through any special
+   process.
+
 \label{FileRetention}
 \item [File Retention = \lt{}time-period-specification\gt{}]
    \index[dir]{File Retention}
@@ -2130,6 +2136,9 @@ the Director.
    Bacula will generate a random  password during the configuration process,
    otherwise it will  be left blank. 
 
+   The password is plain text.  It is not generated through any special
+   process.
+
 \item [Device = \lt{}device-name\gt{}]
    \index[dir]{Device}
    \index[dir]{Directive!Device}
@@ -3037,6 +3046,9 @@ definitions).
    machine, Bacula will generate a random password during the configuration
    process, otherwise it will be left blank.
 
+   The password is plain text.  It is not generated through any special
+   process.
+
 \item [JobACL = \lt{}name-list\gt{}]
    \index[dir]{JobACL}
    \index[dir]{Directive!JobACL}

diff --git a/docs/manual/faq.tex b/docs/manual/faq.tex
index 9be625453100fe81717df3aebbe341cfce717e92..096bac7c1433e6ecd893f5c7b6f8873abb60a1bf 100644 (file)
--- a/docs/manual/faq.tex
+++ b/docs/manual/faq.tex
@@ -851,4 +851,22 @@ iptables -t filter -A INPUT --dport 9103 -j ACCEPT
   work  that backs up say one directory, or even one file. You will quickly find
   out  what tape it wants, and you can mount it before you go home ... 
 
+\label{Password generation}
+\section{Password generation}
+\item [How do I generate a password?]
+\index[general]{MaxVolumeSize}
+
+   Each daemon needs a password.  This password occurs in the configuration
+   file for that daemon and in the bacula-dir.conf file. These passwords are
+   plain text.  There is no special generation procedure.  Most people just
+   use random text.
+
+   Passwords are never sent over the wire in plain text.  They are always
+   encrypted.
+
+   Security surrounding these passwords is best left security to your
+   operating system.  Passwords are not encrypted within Bacula
+   configuration files.
+
 \end{description}
+       
\ No newline at end of file