You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cloudstack.apache.org by pd...@apache.org on 2015/03/08 06:39:26 UTC

cloudstack-docs-admin git commit: CLOUDSTACK-3990: add password encryption

Repository: cloudstack-docs-admin
Updated Branches:
  refs/heads/master 1f35778d3 -> 2e9e68ec9


CLOUDSTACK-3990: add password encryption


Project: http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/commit/2e9e68ec
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/tree/2e9e68ec
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/diff/2e9e68ec

Branch: refs/heads/master
Commit: 2e9e68ec90d5c400adff01432ff23c83992926dd
Parents: 1f35778
Author: Pierre-Luc Dion <pd...@apache.org>
Authored: Sun Mar 8 00:39:10 2015 -0500
Committer: Pierre-Luc Dion <pd...@apache.org>
Committed: Sun Mar 8 00:39:10 2015 -0500

----------------------------------------------------------------------
 source/hosts.rst | 11 +++++++++++
 1 file changed, 11 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack-docs-admin/blob/2e9e68ec/source/hosts.rst
----------------------------------------------------------------------
diff --git a/source/hosts.rst b/source/hosts.rst
index 2150ce6..21f0a0e 100644
--- a/source/hosts.rst
+++ b/source/hosts.rst
@@ -226,6 +226,17 @@ To change a Node's password:
    the host and the password known to CloudStack will not match.
    Operations on the cluster will fail until the two passwords match.
 
+#. if the password in the database is encrypted, it is (likely) necessary to
+   encrypt the new password using the database key before adding it to the database.
+
+   .. code:: bash
+
+      java -classpath /usr/share/cloudstack-common/lib/jasypt-1.9.0.jar \
+      org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI \
+      encrypt.sh input="newrootpassword" \
+      password="databasekey" \
+      verbose=false
+
 #. Get the list of host IDs for the host in the cluster where you are
    changing the password. You will need to access the database to
    determine these host IDs. For each hostname "h" (or vSphere cluster)