我正在考虑使用 VMWare API Vix 来管理 VmWare 操作。我一直在检查文档,但所有脚本都使用带有纯文本密码的变量。
我对此不确定,我想在没有纯文本的情况下散列或保护此密码
有任何想法吗?
问问题
452 次
2 回答
0
由于 vmrun 是 VIX API 的命令行实用程序,它需要纯文本密码。您的密码将在控制台应用程序上可见。
如果您可以使用 VixCOM,您可以在调用操作之前保护密码。我在 C# https://github.com/dblock/vmwaretasks中使用了这个库,并在调用单个操作之前使用 3DES 保护我的密码。
应该尽量避免传递明确的密码,并且只在需要它的操作附近对其进行解密。
于 2014-04-28T15:25:34.210 回答
0
Just following up on this question a little. 02Anant pretty much has the guts of your question addressed.
Since the VMWare API is available in powershell, C#, Java and Python your exact implementation is going to be specific to the API language platform you use. I'm mostly familiar with writing VCS integration using vRA forms for input, vCO workflows and Java plugin code for the encryption, storage and heavy lifting.
If you are insistant on using the CLI then the VAPI samples are written to be used that way and can provide a great resource. If you want to take in a password then envoke a script that prompts for the password (or username and password) without echoing and then perfoms your actions so you can mask what password is typed from peering eyes.
You will be correct in masking the password in any UI you provide, encrypt the password if putting into storage and only decrypt the password at the point you send credentials across the wire. The API provides SSO connection to vCenter and therefore after authentication you will be using a token for the procedure calls.
于 2017-08-30T17:31:27.420 回答