[How-To] Create a password hash for vSphere Configuration Profile
Configuration Profiles have emerged as the modern successor to VMware’s legacy Host Profiles, bringing enhanced automation and streamlined management to your vSphere environment. With Host Profiles scheduled for deprecation in the upcoming vSphere release and eventual removal, now is the perfect time to explore how Configuration Profiles can maintain consistent host configurations across your infrastructure
Managing local Account Password with Configuration Profiles
One powerful feature of Configuration Profiles is the ability to manage passwords for local accounts. To implement this correctly, passwords must be stored in SHA-512 hash format.
Fortunately, generating these hashes is straightforward using OpenSSL, which is available on most systems. Here’s how to do it:
- Access any system with OpenSSL installed
- Use the “passwd” parameter with the “-6” option to generate a SHA-512 hash
It will then ask you for the password twice and output the string that you can then use in the configuration profile.
Managing a Cluster with multiple root Password using Configuration Profile
If you have a Configuration Profile for a cluster where you need different passwords for root in the same cluster you can do that. You need to specify a “host-override” for the hosts that deviate from the standard profile’s password. This would look like the following screenshot.
Next Steps
If you’re interested in more of the advanced Features of vSphere, VCF or any other VMware product feel free to reach out to us at any time. We will be at VMware Explore 2025 in Las Vegas, hit us up on LinkedIn to meetup for a chat.
Leave a Reply