Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[CSO] Command to retrieve encrypted passwords automatically generated during installation

0

0

Article ID: KB34353 KB Last Updated: 10 Nov 2020Version: 2.0
Summary:

From Contrail Service Orchestration (CSO) Release 3.3, CSO uses an algorithm to automatically generate a dynamic password for various components. These passwords are generated after the setup_assist.sh script successfully executes during installation. See Generating and Encrypting Passwords for Infrastructure Components.

This article explains how to retrieve these dynamic passwords at a later point in time, after CSO deployment and installation on premises.

 

Symptoms:

Users may forget the dynamic passwords that were generated automatically during installation.

 

Solution:

CSO 3.3

To retrieve these dynamic passwords at a later point in time on CSO 3.3, perform the following steps:

  1. Log in as root to the Installer Virtual Machine from where the setup_assist.sh script was executed.
  2. Access the Contrail Service Orchestration (CSO) directory. For example, if the name of the installer directory is Contrail_Service_Orchestration_Version, use:

root@host:~/# cd /~/Contrail_Service_Orchestration_Version/
  1. Execute the following command to retrieve the dynamic passwords that were generated during installation:

./python.sh deploy_manager/utils/decrypt_password.py
 

CSO 5.1.2

To retrieve these dynamic passwords in CSO version 5.1.2, perform the following steps:

  1. Log in as root to the "startupserver1" Virtual Machine.

root@CSOBMS:~# virsh list --all
 Id    Name                           State
----------------------------------------------------
 1     k8-infra1                      running
 2     vrr1                           running
 3     monitoring1                    running
 4     contrail_analytics1            running
 5     k8-microservices1              running
 6     startupserver1                 running

root@CSOBMS:~# ssh root@192.168.10.31
Welcome to Ubuntu 16.04.5 LTS (GNU/Linux 4.4.0-141-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

21 packages can be updated.
0 updates are security updates.

Last login: Sat Oct 31 22:28:01 2020 from 192.168.10.1
root@startupserver1:~#
  1. Access the Contrail Service Orchestration (CSO) directory. For example, if the name of the installer directory is Contrail_Service_Orchestration_Version, use:

root@startupserver1:~/Contrail_Service_Orchestration_5.1.2# pwd
/root/Contrail_Service_Orchestration_5.1.2
  1. Execute the following command to retrieve the dynamic passwords that were generated during installation:

root@startupserver1:~/Contrail_Service_Orchestration_5.1.2# ./python.sh deploy_manager/utils/decrypt_password.py

UI Password for cspadmin user: abcd
Keystone Password for admin user: abcd
Arangodb root user password: abcd
Cassandra DB password for cassandra user: abcd
Cassandra DB password for casadmin user: abcd
Elasticsearch admin Password: abcd
Keystone Password for swift user: abcd
Mariadb Password for root/admin user: abcd
Mariadb Password for clusteruser user: abcd
Mariadb Password for cspadmin user: abcd
Mariadb Password for icinga user: abcd
Mariadb Password for keystone user: abcd
Password for appvisibilityDb database: abcd
Password for ecmDb database: abcd
Password for nedb database: abcd
Password for nfvodb database: abcd
Password for seciDb database: abcd
Password for smDb database: abcd
Password for vnfmdb database: abcd
Password for commonDb database: abcd
Prometheus user Password: abcd
Rabbitmq cspmq Password: abcd
Rabbitmq neuser Password: abcd
Rabbitmq Monitor password: abcd
Rabbitmq csm_user Password: abcd
Rabbitmq vnfm_user Password: abcd
Redis server Password: abcd
Zookeeper Password for admin user: abcd

Note: I have replaced the password with "abcd" for this article.

 

Modification History:

2020-11-10: Article updated with steps for retrieving encrypted password in CSO 5.1.2

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search