Security

Can the PASSWORD within user-seed.conf be hashed rather than in clear text?

chris_barrett
Communicator

Can the PASSWORD in the user-seed.conf file be a hashed representation, or does it need to be specified in the clear?

1 Solution

chris_barrett
Communicator

Answering my own question here ... The ability to specify a hashed password was added in Splunk 7.1.0.

Ref: http://docs.splunk.com/Documentation/Splunk/7.1.0/Admin/User-seedconf

View solution in original post

0 Karma

chris_barrett
Communicator

Answering my own question here ... The ability to specify a hashed password was added in Splunk 7.1.0.

Ref: http://docs.splunk.com/Documentation/Splunk/7.1.0/Admin/User-seedconf

0 Karma

acharlieh
Influencer

Trying it out on 6.5.3 on Mac, I took the hash of the password I had from the passwd file, and set it into user-seed.conf and removed the passwd file and restarted... the user was then created with the password not as the previous password, but as the hash itself. as a result it seems this is a specified in the clear sort of thing...

Unless someone finds an undocumented option to do otherwise, but thought I would share the attempt.

EDIT: Although it occurs to me, if you already have the hashed version of the password, for the admin account... you probably could just drop the generated $SPLUNK_HOME/etc/passwd file everywhere, (and touch $SPLUNK_HOME/etc/.ui_login while you're at it...)

Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...