How to – enable and use password encryption in ViciDial
This article is going to go over how to enable and use password encryption in ViciDial. By default passwords are displayed in plain text in the ViciDial Admin GUI, this will show you how to encrypt those.
Step 1: Installing the Bcrypt perl module
Using the CPAN console install the Bcrypt, run the below command
cpan
install Crypt::Eksblowfish::Bcrypt
Step 2: Enabling the Password Encryption
By default the Password encryption is disabled in Vicidial and we need to enable it by using a perl script via the Linux command line as show below:
/usr/share/astguiclient/ADMIN_bcrypt_convert.pl –debugX –test
If no errors received run the same script without –test flag as shown below
/usr/share/astguiclient/ADMIN_bcrypt_convert.pl –debugX
Now navigate to ADMIN > SYSTEM SETTINGS > PASSWORD ENCRYPTION
and you’ll see the Password Encryption is now enabled. Now all new users added to the system will automatically be encrypted.
Step 3: Encrypting Plain Text Password
All the users passwords which are created before enabling the Password encryption, will remain as clear plain text ,to encrypt the existing plain text passwords either manually edit them and update or run the below command to convert all the plain text to encrypted text.
/usr/share/astguiclient/ADMIN_bcrypt_convert.pl –clear-plaintext-pass
or
/usr/share/astguiclient/ADMIN_bcrypt_convert.pl –debugX –update-override –clear-plaintext-pass
How to Reset the Forgotten Password
If you have forget the admin password , you need to update the password under mysql/mariadb with the hashed password, for non-admin users either you can update the password from admin login or follow the below procedure.
Step 1: Generate the Hash Password
Run the below command from SSH console with the password which you want to set of a user
for example for admin user 6666 i need to set a password as admin123
/srv/www/htdocs/agc/bp.pl –pass=admin123
The above command will output the HASHED value of admin123 ,copy that proceed to step 2
Step 2: Updating the Mysql user table
once hash password generated run the below mysql command with the password generated in step 1
mysql -p
use asterisk;
UPDATE vicidial_users set pass_hash=’kfYvywV959fn09rSZML70wHjjxsaYjm’ where user=’6666′;
Now you can login to the vicidial admin or agent portal with the new password.
I hope this helps some of you who need to have tighter security for your systems.
-Chris aka carpenox
Leave a Reply