cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Facundo Guerrero <fguerr...@ipaddress.com.ar>
Subject Re: Upgrade to 3.0.2 Encrypt password
Date Tue, 12 Jun 2012 13:05:19 GMT
Thanks, that works great! . Problem solved



El 12/06/12 04:14, Kishan Kavala escribió:
> Facundo,
>   Password in host_details should be encrypted. Please encrypt the password before inserting
into host_details table.
>
> 1. Encrypt kvm host password using the below command
> 	java -classpath /usr/share/java/cloud-jasypt-1.8.jar org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI
encrypt.sh input=<kvm-host-password> password=<db-secret-key> verbose=false
> 2. Insert encrypted password(output of step #1) into host_details table instead of plain
password (If the password is already inserted, update the existing password instead of inserting
again)
> 	insert into cloud.host_details (host_id, name, value) VALUES (the-id-of-host,"password",
encrypted- password)
>
> db-secret-key in step # 1 is the DB secret key provided to cloud-setup-databases/cloud-setup-encryption
during installation/upgrade with -k flag. Default secret key is password.
>
> Please file a bug for this issue at http://bugs.cloudstack.org
>
> ~kishan
>
>> -----Original Message-----
>> From: Facundo Guerrero [mailto:fguerrero@ipaddress.com.ar]
>> Sent: Tuesday, 12 June 2012 3:37 AM
>> To: cloudstack-users@incubator.apache.org
>> Subject: Upgrade to 3.0.2 Encrypt password
>>
>> I'm updateting my cloudstack 3.0.1 to 3.0.2 i use KVM as hypervisor, in the
>> release notes says that i need to run this 2 inserts into the mysql server
>>
>> insert into cloud.host_details (host_id, name, value) VALUES (the-id-of-
>> host,"username", the-actual-host-user-name) insert into cloud.host_details
>> (host_id, name, value) VALUES (the-id-of-host,"password", the-actual-host-
>> password)
>>
>> When i add this i see a error in the management server that says that can't
>> decrypt the password. http://paste.cloudstack.org/rkdd/
>>
>> Which is the correct metod to add this password ?
>>
>>
>>
>> Thanks.
>>

Mime
View raw message