Pandora: Documentation en: Password Encryption

From Pandora FMS Wiki
Jump to: navigation, search

Template wip.png

We are working on the translation of the Pandora FMS documentation. Sorry for any inconvenience.


1 Password encryption in Pandora FMS

Pandora FMS supports the encryption of passwords stored in the database. The encryption key is generated from a user-provided password and is not stored in the database (neither the key nor the password) so that passwords cannot be recovered from a database dump. Once the password is configured, encryption is visible for the user.

Template warning.png

If you lose the password given by the user, you will not recover the password stored in Pandora FMS Database. Save this password in a safe place and make a backup of: 'config.php and pandora_server.conf.


1.1 Technical details

Passwords are encrypted using the Rijndael cipher with 128 bit blocks in ECB mode. A 256 bit key is generated at startup from the password MD5.

1.2 Configuration in a newly installed Pandora FMS

To enable password encryption, the password must be configured in both Pandora FMS Server and Pandora FMS Console:

  • Edit the pandora_console/include/config.php file and add the following line:
$config["encryption_passphrase"]="your encryption passphrase";
  • Edit the /etc/pandora/pandora_server.conf file and add the following option (note that there are no quotes around the password):
encryption_passphrase your encryption password

Do not forget to restart the Pandora FMS Server after the changes have been saved.

1.3 Configuration in an existing Pandora FMS installation

Configure password encryption following the steps required for a newly installed Pandora FMS. At this point, any new passwords configured in the Pandora FMS Console will be stored in the database encrypted, but already existing passwords must be encrypted too. To achieve it, run the following script:

/usr/bin/pandora_encrypt_db /etc/pandora/pandora_server.conf

The script will refuse to run a second time, otherwise passwords would become corrupted.

1.4 Changing the encryption password

Changing the encryption password is possible in case it gets compromised. First, passwords stored within the database must be decrypted:

/usr/bin/pandora_encrypt_db -d /etc/pandora/pandora_server.conf

Then, after changing the encryption password (as described in the configuration in a newly installed Pandora FMS section), they can be encrypted again:

/usr/bin/pandora_encrypt_db /etc/pandora/pandora_server.conf

Template warning.png

From 7.0NG.739 onwards, safe credential management is included.


In case of having an encrypted database available, decrypt everything except for the table tcredential_store

For that purpose, execute the following commands:

/usr/bin/pandora_encrypt_db -d -c /etc/pandora/pandora_server.conf

So leave everything decrypted.

Once decrypted, encrypt it again:

/usr/bin/pandora_encrypt_db /etc/pandora/pandora_server.conf

If you only wish to encrypt from scratch, just execute the last command.