Hello, I ran into an issue today as I began to transition into a production environment from my Puppet testbed. I am using Puppet Enterprise 2.7 for Ubuntu (x64) and ran through the Installer and configured the Console, Cloud Provisioner, and Master on the same box. This all went well. I then began setting up agent1 for testing and after installing PE, updating the environment in the agent's puppet.conf, signing the agent's cert, I tried to do a puppet agent -td. This failed with the error:
*err: Could not retrieve catalog from remote server: Error 400 on SERVER: Access denied for user 'console'@'localhost' (using password: YES)* During the Installer I was never prompted to enter the password for the Console user so initially I was stuck. I visited IRC and Ancillas and I went back and forth trying to figure out the cause. We viewed the passwords in /etc/puppetlabs/puppet/puppet.conf and /etc/puppetlabs/puppet-dashboard/database.yml but both are encrypted. I was going to attempt a reinstall of the Master, but then I found http://docs.puppetlabs.com/pe/2.0/maint_reconfiguring.html#changing-the-consoles-database-userpassword I followed the steps and everything worked like a charm. My main questions piggy-back one another... 1. What type of encryption/hash is used to initially write the password to those files? Can it be decrypted? 2. I'd prefer to store the db password in an encrypted fashion, is there a way to do this from within Puppet? I assume I could use a MySQL Administration and view the MySQL Users and copy that, but that seems excessive. Thanks, Brendan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
