Bug 1503872

Summary: [Docs][RFE][Admin] Document the ability to enter encrypted passwords with the --password option
Product: Red Hat Enterprise Virtualization Manager Reporter: Byron Gravenorst <bgraveno>
Component: DocumentationAssignee: Emma Heftman <eheftman>
Status: CLOSED DUPLICATE QA Contact: Avital Pinnick <apinnick>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.2.0CC: lbopf, lsurette, rbalakri, srevivo, ykaul
Target Milestone: ---Keywords: FutureFeature, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: docs-accepted
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-04-13 01:47:57 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Docs RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1389673    
Bug Blocks:    

Description Byron Gravenorst 2017-10-19 01:10:35 UTC 
This update enables administrators to use the new --encrypted option to enter an already encrypted password when invoking 'ovirt-aaa-jdbc-tool user password-reset'.

However, there are some caveats when providing encrypted passwords:

1. Entering an encrypted password means that password validity tests cannot be performed, so they are skipped and the password is accepted even if it does not comply with the password validation policy.

2. A password has to be encrypted using the same configured algorithm. To encrypt passwords, administrators can use the '/usr/share/ovirt-engine/bin/ovirt-engine-crypto-tool.sh' tool, which provides the 'pbe-encode' command to encrypt passwords using the default PBKDF2WithHmacSHA1 algorithm.
Comment 1 Lucy Bopf 2018-02-15 03:45:35 UTC 
Accepting into Beta 3 program and assigning to Emma for review.
Comment 3 Lucy Bopf 2018-04-13 01:47:57 UTC 
Thanks for the comment, Avital. I didn't see this one until now.

It looks like this feature has already been documented for 4.2 as part of bug 1486740, which covered 4.1 as well:

https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.2-beta/html-single/administration_guide/#pre_encrypting_a_user_password

Therefore, I am closing this BZ.

*** This bug has been marked as a duplicate of bug 1486740 ***