キー暗号化を有効にするには、**Pandora FMS サーバと Web コンソールの両方でパスワードを設定する必要があります**。
-
The steps for encryption are the following:
+
The steps to follow for encryption are as follows:
暗号化の手順は次の通りです。
暗号化の手順は次の通りです。
-
* Stop both **Metaconsole** and **node** servers.
+
* Stop the server, both in **Command Center (Metaconsole)** and in the **nodes**.
-
* **メタコンソール**と**ノード**サーバの両方を停止します。
+
* **コマンドセンター (メタコンソール)** と **ノード** の両方でサーバを停止します。
+
* Update the **encryption_passphrase** fields in ''/etc/pandora/pandora_server.conf'' and ''/var/www/html/pandora_console/include/config.php'', both in **Command Center (Metaconsole)** and in **nodes**.
-
* Update **encryption_passphrase** in ''/etc/pandora/pandora_server.conf'' and ''/var/www/html/pandora_console/include/config.php'' both in the **node** and **Metaconsole**.
<WRAP center round tip 60%>Do not forget to restart Pandora FMS Server after saving the changes and launching the script.</WRAP>
+
<WRAP center round tip 90%>
-
<WRAP center round tip 60%>設定変更後は、Pandora FMS サーバを忘れずに再起動してください。</WRAP>
+
The Pandora FMS server should be restarted after making the changes and launching the script.
-
===== すでにインストール済の Pandora FMS での設定 =====
+
</WRAP>
-
<WRAP center round important 60%> This section is only relevant if you wish to update from version 743 to version 744. If that is not the case, [[:en:documentation:07_technical_annexes:08_password_encryption#configuration_in_a_new_pandora_fms_installation|encrypt it as if it were new]]. </WRAP>
+
<WRAP center round tip 90%>
-
<WRAP center round important 60%> この章は、バージョン 743 からバージョン 744 に更新する場合にのみです。それ以外の場合は、[[:ja:documentation:07_technical_annexes:08_password_encryption#新規インストールの_pandora_fms_での設定|新規の暗号化]]です。</WRAP>
+
変更を加えてスクリプトを実行した後、Pandora FMS サーバを再起動する必要があります。
-
Configure password encryption following the [[:en:documentation:07_technical_annexes:08_password_encryption#configuration_in_a_new_pandora_fms_installation|steps required for a newly installed Pandora FMS]]. At this point, any new passwords configured in the Pandora FMS Console will be stored in the database encrypted, but already existing passwords must be encrypted too. To that end, follow these steps:
* Launch the encryption script both in the **node** and the **Metaconsole:**
+
Then, after having changed the encryption password (as described in the section for [[#ks2|configuration in a new installation]]), you can encrypt it again:
From 7.0 NG 739 onwards, the [[[:en:documentation:pandorafms:management_and_operation:11_managing_and_administration#credential_store|secure credential manager]] is included. **Please refer to the following section to finish this process correctly**.
-
The script cannot be executed twice, otherwise passwords would get corrupted.
+
</WRAP>
-
スクリプトは 2回実行できません。2回実行するとパスワードが破損します。
+
<WRAP center round important 90%>
-
<WRAP center round important 60%> It is important to keep in mind that the **-m** parameter must be added to decrypt only old passwords. If that parameter is not added to previously encrypted databases, **passwords will be lost**. </WRAP>
<WRAP center round important 60%> 古いパスワードを復号化するときのみ、**-m** パラメータを追加する必要があることに注意してください。暗号化されたデータベースにこのパラメータが追加されない場合、**パスワードが失われます**。</WRAP>
+
</WRAP>
+
**Credential manager:**
-
===== 暗号化パスワードの変更 =====
+
**認証情報管理:**
-
Changing the encryption password is possible in case it gets compromised. First, passwords stored within the database must be decrypted:
+
If you have an encrypted database, in order to continue using the credential manager without losing data //decrypt everything// except the **tcredential_store** table.
Then, after changing the encryption password (as described in the [[:en:documentation:07_technical_annexes:08_password_encryption#configuration_in_a_new_panfora_fms_installation|configuration in a newly installed Pandora FMS section]]), they can be encrypted again:
<WRAP center round important 60%> From 7.0NG.739 onwards, [[:en:documentation:04_using:11_managing_and_administration#credential_store|safe credential management]] is included. </WRAP>
+
If you only want to encrypt from scratch, just execute the last command.
+
+
初回の暗号化では、最後のコマンドを実行します。
+
+
<wrap #ks4 />
+
+
===== 暗号化パスワードの削除 =====
+
+
<WRAP center round important 90%>
+
+
It is recommended to keep **every** password stored in Pandora FMS encrypted.
In case of having an encrypted database available, to be able to keep using the credential manager without losing data, decrypt everything except for the table **tcredential_store**
* Comment **encryption_passphrase** in ''/etc/pandora/pandora_server.conf'' and ''/var/www/html/pandora_console/include/config.php'' both in **Command Center (Metaconsole)** and in **nodes**.
<WRAP center round important 80%> It is recommended to keep the whole password stored in Pandora FMS encrypted.</WRAP>
+
<WRAP center round important 60%> This section is only relevant if you wish to update from version 743 to version 744. If that is not the case, [[:en:documentation:07_technical_annexes:08_password_encryption#configuration_in_a_new_pandora_fms_installation|encrypt it as if it were new]]. </WRAP>
-
<WRAP center round important 80%> Pandora FMS に保存されているパスワードは、全体を暗号化しておくことをお勧めします。</WRAP>
+
<WRAP center round important 60%> この章は、バージョン 743 からバージョン 744 に更新する場合にのみです。それ以外の場合は、[[:ja:documentation:07_technical_annexes:08_password_encryption#新規インストールの_pandora_fms_での設定|新規の暗号化]]です。</WRAP>
-
* Stop the server, both in **Metaconsole** and **node.**
+
Configure password encryption following the [[:en:documentation:07_technical_annexes:08_password_encryption#configuration_in_a_new_pandora_fms_installation|steps required for a newly installed Pandora FMS]]. At this point, any new passwords configured in the Pandora FMS Console will be stored in the database encrypted, but already existing passwords must be encrypted too. To that end, follow these steps:
<WRAP center round tip 60%> \\ Rmember to restart Pandora FMS server after making the changes and launching the script. \\ </WRAP>
+
* Restart the Metaconsole and node servers.
+
+
* メタコンソールおよびノードサーバを再起動します。
+
+
The script cannot be executed twice, otherwise passwords would get corrupted.
+
+
スクリプトは 2回実行できません。2回実行するとパスワードが破損します。
+
+
<WRAP center round important 60%> It is important to keep in mind that the **-m** parameter must be added to decrypt only old passwords. If that parameter is not added to previously encrypted databases, **passwords will be lost**. </WRAP>
+
+
<WRAP center round important 60%> 古いパスワードを復号化するときのみ、**-m** パラメータを追加する必要があることに注意してください。暗号化されたデータベースにこのパラメータが追加されない場合、**パスワードが失われます**。</WRAP>
-
<WRAP center round tip 60%> \\ 変更を加えてスクリプトを実行した後は、Pandora FMS サーバを再起動することを忘れないでください。\\ </WRAP>