Configuring the user password hash algorithm
Configure the algorithm to hash user passwords for OpsCenter authentication.
Configure the algorithm to hash user passwords OpsCenter authentication. The default
as of OpsCenter 6.0 is bcrypt+blake2b-512
. Earlier versions of
OpsCenter used sha256
. OpsCenter versions prior to 6.0 are
automatically migrated to the new default bcrypt+blake2b-512
for
increased password protection.
Available
password_hash_type
options include:- bcrypt+blake2b-512
- pbkdf2+blake2b-512
- pbkdf2+sha512
- pbkdf2+sha3-256
- bcrypt+sha512
opscenterd.conf
The location of the opscenterd.conf file depends on the type of installation:- Package installations: /etc/opscenter/opscenterd.conf
- Tarball installations: install_location/conf/opscenterd.conf
Procedure
-
Open the opscenterd.conf file for
editing.
Set
password_hash_type
to the desired hashing option in the[authentication]
section.[authentication] password_hash_type = pbkdf2+sha3-256
- Restart OpsCenter.
- Instruct users to log in again so that OpsCenter can rehash and restore the user passwords. Because password hash algorithms are one-way functions that cannot be reversed, logging in again is necessary to update previously hashed user passwords.