If you hate to remember complex passwords for your lab environment: so do I. Unfortunately there are applications out there that have no easy way to disable password complexity. VRealize LogInsight is one of them. Here’s how to set the password to whatever you like anyways.
Before we start a word of warning: a Syslog server is probably one of your most critical infrastructure components since it likely contains many information a attacker would like to have. Thus: having a default password complexity policy in place to access that precious data is a good thing. However: if you’re building a lab to test LogInsight it can become frustrating to have a complex password. As long as you’re not dumping production logs into your lab machine feel free to proceed.
- Login using SSH into LogInsight as the root user
- change dir to /opt/vmware/bin
- copy the file li-reset-admin-passwd.sh to custom-set-admin-password.sh
- Open the file you just created using vi, you should see something like that:
#!/bin/bash # Variables PSQLPATH='/usr/lib/loginsight/application/lib/pgsql/bin/psql' ADMINUSER='admin' # default admin user ADMINDOMAIN='' # default admin domain
- After the ADMINDOMAIN line add a new line for the password, like this:
- save and exit vi
- execute the script you just modified.
Here’s the trick: the li-reset-admin-passwd.sh script is provided by vmware to reset the admin password in case you forget it. Basically it’s setting the hashed password in the postgres DB. By default it will generate a random password and thus “enforce” complexity. But there’s a simple if-else branch that will test if a variable ADMINPASSWORD is set. If it is, it will use that one instead of a random password.