New

Allow Cluster admin to reset VM administrative account

  • 20 July 2018
  • 3 replies
  • 1786 views

Userlevel 3
Badge +18
I had the opportunity to work on a IaaS platform developed by Chinese people few years back. It was not the state of the art product but one feature was absolutely amazing : there used to have a little button called "reset password". I have absolutely no idea how this could be done under the hood, but the password of the admin account (either root or Administrator) was changed by a random password. This random password showed up in the interface briefly, just enough time for you to copy it in the clipboard. Then you get access to the VM.
This is sometimes very handy, when you need to access to a VM that is switched off or that you forgot the password because you are not using it every time. I already proposed this idea to Nutanix staff a long time ago, that could be great to see this feature landing on the PE interface.

3 replies

Badge +3

I see where chinese people possibly use this feature…:smiling_imp:

I dont think this feature would have any compliance officer happy to see.

Userlevel 2
Badge +2

Hi flhoest,

i don’t think we can implement such feature, as it is not secure. Many enterprise customers have VMs for multiple departments on their Nutanix clusters and the person who manages the cluster does not always have access to the guest OS and the data in those VMs. If we implement such a feature, the person who is managing the Nutanix cluster will have unlimited power over all the VMs and that is not secure.

Userlevel 3
Badge +18

Hi flhoest,

i don’t think we can implement such feature, as it is not secure. Many enterprise customers have VMs for multiple departments on their Nutanix clusters and the person who manages the cluster does not always have access to the guest OS and the data in those VMs. If we implement such a feature, the person who is managing the Nutanix cluster will have unlimited power over all the VMs and that is not secure.

Hi @Sergei Ivanov , I’m glad somebody from Nutanix replied back. Agree on the logic you are raising. Maybe with a specific workflow of authorization ? The time is now different from the day I posted this and today so indeed, there is a security concerns. I took the habit to save my password in a secure place now.

Thanks again !

Reply