Pandora: Documentation en: Password Encryption
1 Password encryption in Pandora FMS
Starting from version 6.0, Pandora FMS supports the encryption of passwords stored in the database. The encryption key is generated from a user provided passphrase and is not stored in the database (neither the key nor the passphrase) so that passwords cannot be recovered from a database dump. Once the passphrase is configured, encryption works transparently for the user.
1.1 Technical details
Passwords are encrypted using the Rijndael cipher with 128 bit blocks in ECB mode. A 256 bit key is generated at startup from the MD5 of the passphrase.
1.2 Configuration in a newly installed Pandora FMS
To enable password encryption the passphrase has to be configured in both the Pandora FMS Server and the Pandora FMS Console:
- Edit the pandora_console/include/config.php file and add the following line:
$config["encryption_passphrase"]="your encryption passphrase";
- Edit the /etc/pandora/pandora_server.conf file and add the following option (note that there are no quotes around the passphrase):
encryption_passphrase your encryption passphrase
Do not forget to restart the Pandora FMS Server after the changes have been made.
1.3 Configuration in an existing Pandora FMS installation
Configure password encryption following the steps required for a newly installed Pandora FMS. At this point any new passwords configured in the Pandora FMS Console will be stored in the database encrypted, but already existing passwords must be encrypted too. To achieve that run the script:
The script will refuse to run a second time, otherwise passwords would become corrupted.
1.4 Changing the encryption passphrase
Changing the encryption passphrase is possible in case it gets compromised. First, passwords in the database must be decrypted:
/usr/bin/pandora_encrypt_db -d /etc/pandora/pandora_server.conf
Then, after changing the encryption passphrase (as described in the configuration in a newly installed Pandora FMS section), they can be encrypted again: