How to – enable and use password encryption in ViciDial

    This article is going to go over how to enable and use password encryption in ViciDial. By default passwords are displayed in plain text in the ViciDial Admin GUI, this will show you how to encrypt those.

Step 1: Installing the Bcrypt perl module

   Using the CPAN console install the Bcrypt, run the below command

cpan
install Crypt::Eksblowfish::Bcrypt

Step 2: Enabling the Password Encryption

    By default the Password encryption is disabled in Vicidial and we need to enable it by using a perl script via the Linux command line as show below:

/usr/share/astguiclient/ADMIN_bcrypt_convert.pl –debugX –test

If no errors received run the same script without –test flag as shown below

/usr/share/astguiclient/ADMIN_bcrypt_convert.pl –debugX 

Now navigate to ADMIN > SYSTEM SETTINGS > PASSWORD ENCRYPTION
and you’ll see the Password Encryption is now enabled. Now all new users added to the system will automatically be encrypted.

Step 3: Encrypting Plain Text Password

    All the users passwords which are created before enabling the Password encryption, will remain as clear plain text ,to encrypt the existing plain text passwords either manually edit them and update or run the below command to convert all the plain text to encrypted text.

/usr/share/astguiclient/ADMIN_bcrypt_convert.pl –clear-plaintext-pass
or
/usr/share/astguiclient/ADMIN_bcrypt_convert.pl –debugX –update-override –clear-plaintext-pass

How to Reset the Forgotten Password

    If you have forget the admin password , you need to update the password under mysql/mariadb with the hashed password, for non-admin users either you can update the password from admin login or follow the below procedure.

Step 1: Generate the Hash Password

    Run the below command from SSH console with the password which you want to set of a user
for example for admin user 6666 i need to set a password as admin123

/srv/www/htdocs/agc/bp.pl –pass=admin123

The above command will output the HASHED value of admin123 ,copy that proceed to step 2

Step 2: Updating the Mysql user table

    once hash password generated run the below mysql command with the password generated in step 1

mysql -p
use asterisk;
UPDATE vicidial_users set pass_hash=’kfYvywV959fn09rSZML70wHjjxsaYjm’ where user=’6666′;

Now you can login to the vicidial admin or agent portal with the new password.

I hope this helps some of you who need to have tighter security for your systems.

-Chris aka carpenox