6.7. Configure virt-who with an Encrypted Password

virt-who can encrypt the passwords for the hypervisor and give you the string to use. The encrypted password is located in the /etc/virt-who.d/ configuration file.
To generate an encrypted password:
  1. Verify /var/lib/virt-who/key encryption file has root read and write permission.
  2. To get an encrypted password string, run the virt-who-password as root: 
    # virt-who-password
Password:
Use the following as a value for the encrypted_password key in the configuration file:
encrypted_password_string
    Type the password of your hypervisor and write down the encrypted string.
  3. Create a new configuration file for virt-who inside /etc/virt-who.d/.

    Note

    Since a configuration file is created under /etc/virt-who.d/, do not specify the hypervisor details in /etc/sysconfig/virt-who. For more information, see the man page: 
    $ man virt-who-config
    For example, on vCenter: 
    # vi /etc/virt-who.d/config
[config]
type=esx
server=vcenter/esx_host>
username=vcenter/esx_username
encrypted_password=encrypted_password_string
owner=owner
env=Library
  4. Verify that the /var/lib/virt-who/key encryption key file has root read and write permission. 
    # ll /var/lib/virt-who/key
-rw-------. 1 root root 130 Jun 29 14:43 /var/lib/virt-who/key
  5. After the configuration change, restart the virt-who service.
    • On Red Hat Enterprise Linux 6: 
      # service virt-who restart
    • On Red Hat Enterprise Linux 7: 
      # systemctl restart virt-who
  6. To determine the value of owner in the /etc/virt-who.d/ configuration file, run the following command. The org ID string is the owner value: 
    # subscription-manager identity

org ID : string