When deploying a VM with a password-enabled template and the SSH keypair, the password is encrypted using the public key of the RSA keypair. In order to de-cipher the encrypted passwd you can use the getVMPassword API. This returns the password encrypted using the public-key used while creating the VM.

To decrypt:

Install openssl
$ yum install openssl*

$ openssl enc -base64 -in encryptedpassword -out binarytext -d -A
$ openssl rsautl -decrypt -in binarytext -out plaintext -inkey private.pem

ciphertext - it should contain the encrypted password returned by the getVMPassword API
private.pem - it should contain the private key of the keypair that was used while launching the VM.

Note that getVMPassword will only return an encrypted password if a sshkeypair is specified when launching a VM.

  • No labels