Hide Forgot
Description of problem: /etc/sysconfig/virt-who contains plaintext passwords. Customer requests hashed password Version-Release number of selected component (if applicable): 6.6 How reproducible: Every time Steps to Reproduce: 1. Look at /etc/sysconfig/virt-who password variables 2. 3. Actual results: Plaintext passwords Expected results: Obscured passwords Additional info: Ideally, customer would like an easy way to update the passwords (i.e. "virt-who --old-password=old --new--password=new --hash-algorithm=SHA256")
This issue is solved by virt-who-password, that is present in virt-who >= 0.10. This means that the bug is (will be) fixed in RHEL-6.6 and RHEL-7.1. Please let me know if the solution (virt-who-password) is acceptable for the customer.
When using encrypted password, you need to use create config file in /etc/virt-who.d/ with following content: [test] type=esx owner=<owner> env=<env> server=<vCenter_FQDN> username=<username> encrypted_password=<encrypeted_password> See virt-who-config(5) manual page.
We did above (at another site) Using /etc/virt-who.d/file with "password", it works Using /etc/virt-who.d/file with "encrypted_password", we get "Cannot complete login due to an incorrect user name or password." then "ERROR: Unable to login to ESX" We are running a fully patched RHEL 6.6 x86_64 VM (virt-who is 0.18-8.el6). We also tried a second username with similar results. Any suggestions?
Thom, looks like this bug: https://bugzilla.redhat.com/show_bug.cgi?id=1161604 It will be resolved in 6.7.
Fixed by rebase to virt-who-0.12-1.el6.
Virt-who can send host/guest associate to Satellite6.1.0/SAM when virt-who configure with encrypted password, Therefore, Verified it on virt-who-0.12-2.el6.noarch Verified version: virt-who-0.12-2.el6.noarch subscription-manager-1.14.1-1.el6.x86_64 python-rhsm-1.14.1-1.el6.x86_64 Satellite-6.1.0-RHEL-7-20150331.1 Verified steps: 1. Register virt-who system to satellite/SAM. Configure virt-who under /etc/virt-who.d/ with encrypted password (virt-who-password). [root@rhel6 ~]# virt-who-password Password: Use following as value for encrypted_password key in the configuration file: 5b88800af968f28cb59089f55bc01caf [root@hp-z220-05 ~]# cat /etc/virt-who.d/virtwho [test-esx1] type=esx server=10.66.79.72 username=Administrator@vsphere.local encrypted_password=5b88800af968f28cb59089f55bc01caf owner=ACME_Corporation env=Library [root@hp-z220-05 ~]# vim /etc/sysconfig/virt-who VIRTWHO_BACKGROUND=1 VIRTWHO_DEBUG=1 2. Restart virt-who services. [root@hp-z220-05 ~]# service virt-who restart Stopping virt-who: [ OK ] Starting virt-who: [ OK ] 3.Check the log in the /var/log/rhsm/rhsm.log, It hasn't show any error message. virt-who send host/guest mapping to satellite/SAM 2015-04-01 03:35:27,745 [DEBUG] @esx.py:51 - Log into ESX 2015-04-01 03:35:28,759 [DEBUG] @esx.py:54 - Creating ESX event filter 2015-04-01 03:35:29,079 [DEBUG] @esx.py:113 - Waiting for ESX changes 2015-04-01 03:35:29,093 [INFO] @subscriptionmanager.py:124 - Sending update in hosts-to-guests mapping: {564ddb0f-caf1-7df2-579c-2f5a43bbac65: [420e3b44-d7b1-856c-e60c-5d7442bf137c], aee4ff00-8c33-11e2-994a-6c3be51d959a: [], 86b2bd00-8bad-11e2-87f4-6c3be514699d: [4224a77f-1c50-42cb-3507-2b68b447ed60, 4224e5d2-4fcf-2bc2-2559-5846035d3a78]}
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-1377.html