Fixed in virt-who-0.12-8.el6.

It still exist on virt-who-0.12-8.el6. When encrypted and decrypted password doesn't exist or len(encrypted_password) is not equal to 32bit(eg: encrypted_password=111111), virt-who still can't start although the configure in /etc/sysconfig/virt-who is accessible. Therefore,reopen it.


Tracked version:
virt-who-0.12-8.el6.noarch
subscription-manager-1.14.6-1.el6.x86_64
python-rhsm-1.14.2-1.el6.x86_64

Retraced process:
Precondition:
The encrypted password doesn't exist.
1. Register rhel to Satellite server, then configure virt-who monitor two vcenters as the following:
[root@rhel67latest ~]# cat /etc/sysconfig/virt-who
VIRTWHO_BACKGROUND=1
VIRTWHO_DEBUG=1
VIRTWHO_INTERVAL=2
VIRTWHO_ESX=1
VIRTWHO_ESX_OWNER=ACME_Corporation
VIRTWHO_ESX_ENV=Library
VIRTWHO_ESX_SERVER=10.66.79.68
VIRTWHO_ESX_USERNAME=Administrator
VIRTWHO_ESX_PASSWORD=qwer1234P!

[root@rhel67latest ~]]# cat /etc/virt-who.d/virt-who
[test-esx1]
type=esx
server=10.66.78.27
username=Administrator
encrypted_password=43f282d679adb816f2bb1cf9c18949ec
owner=ACME_Corporation
env=Library

2. Restart virt-who service
[root@rhel67latest ~]# service virt-who restart
Stopping virt-who:                                         [  OK  ]
Starting virt-who:                                         [FAILED]

3. Check the log, it will not generate error log as bug's description now,  there is an enhancement on this version, it will show a remind info "[Errno 2] No such file or directory: '/var/lib/virt-who/key'".

4. Check the virt-who service
[root@rhel67latest ~]# service virt-who status
virt-who is stopped
[root@rhel67latest ~]# ps -ef|grep virt-who
root      3326     1  0 00:41 ?        00:00:00 /usr/bin/python /usr/share/virt-who/virtwho.py
root      3491  2797  0 01:08 pts/1    00:00:00 grep virt-who

Result: Although virt-who has print an error, It still failed to start virt-who serice

Expected result: virt-who should only print an error but shouldn't crash

I think that failing to start is proper behaviour in this case. Incorrect format of an encrypted password (or the key) should be a red flag for future virt-who operations. It might mean that the config file could be for example truncated or the key file might be corrupted.

It's true that there might be some backends that would work even with this kind of error, but I consider failing as proper result.

Moving back to ON_QA, exiting virt-who when password or key is broken (wrong length) is correct behaviour.

According to Comment 5, I agree with this solution. Therefore, verified it on virt-who-0.12-10.el6.noarch. 

Verified version:
virt-who-0.12-10.el6.noarch
subscription-manager-1.14.10-1.el6.x86_64
python-rhsm-1.14.3-1.el6.x86_64

Verified process:
1.When encrypted and decrypted password doesn't exist, failed to start virt-who service and it will show error log as the following:
[root@hp-z220-05 ~]# service virt-who restart
Stopping virt-who:                                         [FAILED]
Starting virt-who:                                         [FAILED]
2015-06-12 09:42:33,766 [DEBUG] subscription-manager:23092 @connection.py:521 - Response: status=200
2015-06-12 09:43:44,461 [ERROR]  @virtwho.py:541 - [Errno 2] No such file or directory: '/var/lib/virt-who/key'
2. When password or key is broken (wrong length), still failed to start virt-who service and it will show error log as the folllowing:
2015-06-12 09:44:36,194 [ERROR]  @virtwho.py:541 - Password can't be decrypted, possibly corrupted

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1377.html