6.7. Configure virt-who with an Encrypted Password

virt-who can encrypt the passwords for the hypervisor and give you the string to use. The encrypted password is located in the /etc/virt-who.d/ configuration file.
To generate an encrypted password:
  1. Verify /var/lib/virt-who/key encryption file has root read and write permission.
  2. To get an encrypted password string, run the virt-who-password as root:
    # virt-who-password
    Password:
    Use the following as a value for the encrypted_password key in the configuration file:
    encrypted_password_string
    Type the password of your hypervisor and write down the encrypted string.
  3. Create a new configuration file for virt-who inside /etc/virt-who.d/.

    Note

    Since a configuration file is created under /etc/virt-who.d/, do not specify the hypervisor details in /etc/sysconfig/virt-who. For more information, see the man page:
    $ man virt-who-config
    For example, on vCenter:
    # vi /etc/virt-who.d/config
    [config]
    type=esx
    server=vcenter/esx_host>
    username=vcenter/esx_username
    encrypted_password=encrypted_password_string
    owner=owner
    env=Library
    
  4. Verify that the /var/lib/virt-who/key encryption key file has root read and write permission.
    # ll /var/lib/virt-who/key
    -rw-------. 1 root root 130 Jun 29 14:43 /var/lib/virt-who/key
    
  5. After the configuration change, restart the virt-who service.
    • On Red Hat Enterprise Linux 6:
      # service virt-who restart
      
    • On Red Hat Enterprise Linux 7:
      # systemctl restart virt-who
      
  6. To determine the value of owner in the /etc/virt-who.d/ configuration file, run the following command. The org ID string is the owner value:
    # subscription-manager identity
    
    org ID : string