Changing RSA passwords

 

Reset SSH Password:
——————-
Log in to Operations console (Master):

Administration --> Networking --> Configure connectivity using SSH

Do the same procedure on Replica also (if any), it is manual process.

Reset Operations console password:
———————————-
Login to the master appliance with SSH

$ sudo -s // sudo as root
# su - rsaadmin // change user to rsaadmin
$ cd /usr/local/RSASecurity/RSAAuthenticationManager/ //navigate to RSA installation path
$ cd utils
$ ./rsautil manage-oc-administrator -a update // Execute

// Enter Super administrators name
// Enter Super administrators password
// Enter operation console user
// Set the new password

Do the same steps on replica
Error: This operation can be performed only on a primary instance.
But the password got changed

Reset Master password:
———————
Login to the master appliance with SSH

$ sudo -s // sudo as root
# su - rsaadmin // change user to rsaadmin
$ cd /usr/local/RSASecurity/RSAAuthenticationManager/ //navigate to RSA installation path
$ cd utils
$ ./rsautil manage-secrets --action change --new-password <enter_the_new_password>

Do the same procedure on the replica device.

Reset Security Console Password:
———————————
Login to Security Console

Identity-->Users-->Manage Existing // Search for your admin username in internal datase

Change password for the admin user
This action will be automatically replicated to replica.

./arun

12 thoughts on “Changing RSA passwords”

  1. Arun, I have tried this on the replica unit and it wont take the change.  Any idea where to go from here?

  2. Hi Ryan,

     Did you manage to change any of those passwords changed? As far as I remember the operations console and master password has to be set separately for master and replica. The security console password will get replicated automatically.

    ./arun

  3. I’ve changed the security console and the operations console on the primary and have tried to do it on the secondary.  I got the error saying you need to do this on the primary instance but the password still would not change.  However, I just fixed the issue by promoting the replica to the primary instance and changing it once it was promoted.

  4. I don’t agree with the above solution to update the Master Password on Replica. You just need to update the Master Password on RSA Primary Instance and not on the replica instance as the replica is read only. Once the Master Password is changed/updated on the Primary Instance it will be replicated.
     
    Note: If the RSA Replication is broken the chances are the password may not get updated.

  5.  Thanks for the comment, i guess it was not the case at least for shell password. I had to change it separately on primary and replica. Anyway will verify it next time.

Leave a Reply

Your email address will not be published. Required fields are marked *


*