Page 1 of 1
It's a Bird, it's a plane, is Nagios encryped passwords!
Posted: Fri Mar 14, 2014 10:24 am
by benhank
Guys i now have to encrypt my passwords for centos. They have to be stored in /etc/passwords/file.
1. Does anyone know how its done?
Questions for nagios itself:
NOTE for the sake of brevity, "nagios" includes Nagios core as well.
2.Will there be any adverse affects to nagios if I have to encrypt Centos passwords?
3. 2.Will there be any adverse affects to nagios if I have to encrypt Nagios passwords?
How do you encrypt magios passwords?
How do I force users to change passwords after a certain age.
How do I force password complexity rules?
Re: It's a Bird, it's a plane, is Nagios encryped passwords!
Posted: Fri Mar 14, 2014 11:24 am
by sreinhardt
Let's start at the top here, what exact form of passwords do you need to encrypt and if I may, why? As some base information for you, the following passwords are already encrypted or hashed.
/etc/passwd / /etc/shadow - these are the local(ssh/console) users and passwords for the cent system
various htpasswd files - These are used for nagvis, bpi and nagios core/ccm interface
postgres passwords - These are used for ALL XI interface users, and are hashed within the database itself
I'm honestly not sure what other passwords you would like to encrypt, unless you mean to encrypt remote system passwords, which could be done through a couple different options off the top of my head, but let's confirm that's actually what you would like to do.
Re: It's a Bird, it's a plane, is Nagios encryped passwords!
Posted: Fri Mar 14, 2014 11:37 am
by benhank
We cave to make the root password and any user paswords encrypted for the OS.
For my team, this would include the snmpttuser pass and stuff.
based on what you posted, that means that the passwords used by Nagios (and core) are encrypted by default?
Re: It's a Bird, it's a plane, is Nagios encryped passwords!
Posted: Fri Mar 14, 2014 12:17 pm
by sreinhardt
All passwords for local user accounts, such as root and snmptt, are hashed per standard linux os password storage in /etc/passwd and /etc/shadow. These are one way hashing functions, and generally considered secure. What additional encryption or hashing are you planning on adding?
Re: It's a Bird, it's a plane, is Nagios encryped passwords!
Posted: Mon Mar 17, 2014 12:24 pm
by benhank
Sorry for the long reply. I am good with the secure passwords. I just told the auditors that we have 5 different passwords for each server. They just all are spelled the same". boom all set.
What I still need to know is if I can set passwords to expire at a certain time and then prompt the user to change it.
Re: It's a Bird, it's a plane, is Nagios encryped passwords!
Posted: Mon Mar 17, 2014 1:32 pm
by slansing
In nagios XI? Not currently, that would take some finessing as they are held within postres database tables.
Re: It's a Bird, it's a plane, is Nagios encryped passwords!
Posted: Tue Mar 18, 2014 9:55 am
by benhank
ok yall can lock it. but beware i have nsti and snmptt questions inbound.