password.rst

Configure passwords

1. Configure the system password for the root user on the compute nodes. This password can be provided in encrypted or clear text form using the chtab </guides/admin-guides/references/man8/chtab.8> command.

   • Clear text: :

     chtab key=system passwd.username=root passwd.password=abc123

   • Encrypted using openssl: :

     chtab key=system passwd.username=root passwd.password=`openssl passwd -6 abc123`

2. Configure the passwords for Management modules of the compute nodes.

   • For OpenBMC managed systems: :

     chtab key=openbmc passwd.username=root passwd.password=0penBmc

   • For IPMI/BMC managed systems: :

     chtab key=ipmi passwd.username=ADMIN passwd.password=admin

   • For HMC managed systems: :

     chtab key=hmc passwd.username=hscroot passwd.password=abc123

     If the username/password is different for multiple HMCs, set the username and password attribute for each HMC node object in xCAT

   • For Blade managed systems: :

     chtab key=blade passwd.username=USERID passwd.password=PASSW0RD

   • For FSP/BPA (Flexible Service Processor/Bulk Power Assembly) the factory default passwords must be changed before running commands against them. :

     rspconfig frame general_passwd=general,<newpassword>
     rspconfig frame admin_passwd=admin,<newpassword>
     rspconfig frame HMC_passwd=,<newpassword>

3. If using the xCAT REST API

   1. Create a non-root user that will be used to make the REST API calls. :

      useradd xcatws
      passwd xcatws # set the password

   2. Create an entry for the user into the xCAT passwd table. :

      chtab key=xcat passwd.username=xcatws passwd.password=<xcatws_password>

   3. Set a policy in the xCAT policy table to allow the user to make calls against xCAT. :

      mkdef -t policy 6 name=xcatws rule=allow

   When making calls to the xCAT REST API, pass in the credentials using the following attributes: userName and userPW