VM Squared
Docs
VM Squared

VM Passwords

Passwords are sometimes needed for VM login, although for remote access SSH Keys are strongly encouraged due to their vastly increased security.

To add passwords to a Virtual Machine, the VM Template’s Context must include two fields:

  • USERNAME - username of the configured user
  • PASSWORD - clear text password of the configured user. Not recommended
  • PASSWORD_BASE64 - base64 encoded reversible password of the configured user. Recommended for Windows
  • CRYPTED_PASSWORD_BASE64 - encrypted password of the configured user in base64 format. Recommended for Linux

Configure the Context fields in the VM Template’s Advance options under Context.

Adding a USERNAME field

In the User Inputs section, create two new fields. First, add a field with Name USERNAME, the Input type: “Text”, and the default value of the user that will receive the context during instantiation. Click Add before moving on to the next field. The Default value field is optional, but will need to be provided a value before deploying the VM.

Create USERNAME Context field

Adding password fields

Next, create the password field. It is recommended to use CRYPTED_PASSWORD_BASE64, however, it may be useful to employ the plaintext PASSWORD when testing.

CRYPTED_PASSWORD_BASE64 is highly recommended as PASSWORD stores plaintext password data. PASSWORD may also have issues with some symbols or extended characters.

Windows cannot accept encrypted passwords but the PASSWORD_BASE64 will prevent symbols in passwords from causing problems.

Use the Type of “Password” for this field to prevent the value being shown in the UI and set the Name to either CRYPTED_PASSWORD_BASE64 (preferred) or PASSWORD (low security and may have issues with symbols).

Create CRYPTED_PASSWORD_BASE64 Context field

The CRYPTED_PASSWORD_BASE64 value is more secure because it does not expose the plaintext password value and base64 encoding prevents issues with passwords containing symbols and unusual characters.

Deploying the VM Template

When deploying the VM Template, since additional template context was added, there will be an extra step for User Inputs, this is where the password data is entered for the VM.

Creating passwords for Windows VM Templates

For Windows VMs create PASSWORD_BASE64 either on Windows with PowerShell:

$PASS="Put your password here"
[System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($PASS))

or on Linux with bash and base64:

PASS="Put your password here"
echo $PASS | base64

Creating passwords for Linux VM Templates

Create a CRYPTED_PASSWORD_BASE64 using the following command on any Linux or Unix system:

openssl passwd -1 | base64

Example with interactive password entry:

$ openssl passwd -1 | base64
Password: # <enter password>
Verifying - Password: # <repeat password>
JDEkUXEvMWl4Wi4kcU04bm10SnhtZ2pJdk1MUFByNlR5MQo=

The non-interactive form is:

PASS="Put your password here"
echo $PASS | openssl -1 -stdin | base64

The output of the command is a long string of characters that will be pasted into the CRYPTED_PASSWORD_BASE64 field.

Deploy VM Template with password

On boot, the VM will configure the password for the user account specified at instantiation and these details can be used for console login.

Prev
VM SSH Keys
Next
Scheduling Virtual Machines