Updated on 2024-09-09 GMT+08:00

Obtaining the Password for Logging In to a Windows ECS

Scenarios

Password authentication is required to log in to a Windows ECS. You must use the key file used when you created the ECS to obtain the administrator password generated during ECS creation. The administrator user is Administrator or the user configured using Cloudbase-Init. This password is randomly generated, offering high security.

You can obtain the initial password for logging in to a Windows ECS through the management console or APIs. For details, see this section.

Obtaining the Password Through the Management Console

  1. Obtain the private key file (.pem file) used when you created the ECS.
  2. Log in to the management console.
  3. Click in the upper left corner and select your region and project.
  4. Click . Under Compute, click Elastic Cloud Server.
  5. On the Elastic Cloud Server page, select the target ECS.
  6. In the Operation column, click More and select Get Password.
    Figure 1 Obtaining a password

    If Get Password is not displayed, the one-click password reset plug-in may not be installed.

    In this case, you can reset the password by referring to Resetting the Password for Logging In to a Windows ECS Without the Password Reset Plug-in Installed.

  7. Use either of the following methods to obtain the password through the key file:
    • Click Select File and upload the key file from a local directory.
    • Copy the key file content to the text field.
  8. Click Get Password to obtain a random password.

Obtaining the Password Through APIs

  1. Obtain the private key file (.pem file) used when you created the ECS.
  2. Set up the API calling environment.
  3. Call APIs. For details, see "Before You Start" in Elastic Cloud Server API Reference.
  4. Obtain the ciphertext password.

    Call the password obtaining APIs to obtain the ciphertext password of the public key encrypted using RSA. The API URI is in the format "GET /v2/{project_id}/servers/{server_id}/os-server-password".

    For details, see "Obtaining the Password for Logging In to an ECS" in the ECS API Reference.

  5. Decrypt the ciphertext password.

    Use the private key file used when you created the ECS to decrypt the ciphertext password obtained in step 4.

    1. Run the following command to convert the ciphertext password format to ".key -nocrypt" using OpenSSL:

      openssl pkcs8 -topk8 -inform PEM -outform DER -in rsa_pem.key -out pkcs8_der.key -nocrypt

    2. Invoke the Java class library org.bouncycastle.jce.provider.BouncyCastleProvider and use the key file to edit the code decryption ciphertext.