检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
When creating an ECS, if you select an encrypted image, the system disk of the created ECS is automatically encrypted, improving data security. Use either of the following methods to create an encrypted image: Use an external image file. Use an existing encrypted ECS.
The client alive messages are sent through the encrypted channel and will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable.
You can use an encrypted image or EVS disks when creating an ECS. In such a case, you need to use the key provided by DEW to improve data security.
Only an encrypted private image can be created from an encrypted ECS. Name Set a name for the image. Enterprise Project Select an enterprise project from the drop-down list.
The value for some OSs is 0, indicating that password login is enabled. passwd: indicates the encrypted password. disable_root: whether to disable user root. You are advised to set this parameter to true. Procedure Log in to the Huawei Cloud console.
The data security administrator uses the command line tool obsutil to upload the encrypted ciphertext to a Huawei Cloud OBS bucket. For details, see Uploading an Object.
If the image from which an ECS is created is not encrypted, the system disk of the ECS is not encrypted. If the image from which an ECS is created is encrypted, the system disk of the ECS is automatically encrypted. For details, see (Optional) Encryption-related parameters.
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
BitLocker volumes encrypted using QingTian TPM keys can only be used on the original instance. The QingTian TPM status of an ECS is not displayed in the ECS list. The QingTian TPM status is not included in image snapshots.
Run the following command: create role dbar login replication encrypted password 'xxxxx'; Run the following command to modify the /var/lib/pgsql/11/data/pg_hba.conf file and add the following content to the file: vim /var/lib/pgsql/11/data/pg_hba.conf host all 192.168.1.0/24 md5 #
If this parameter does not exist, the system disk will not be encrypted by default. __system__cmkid No String Specifies the CMK ID, which indicates encryption in metadata. This parameter is used with __system__encrypted.
AK/SK authentication: Requests are encrypted using AK/SK pairs. AK/SK authentication is recommended because it is more secure than token authentication. Token Authentication The validity period of a token is 24 hours.
Call the password obtaining APIs to obtain the ciphertext password of the public key encrypted using RSA. The API URI is in the format "GET /v2/{project_id}/servers/{server_id}/os-server-password".
If this parameter does not exist, the system disk will not be encrypted by default. __system__cmkid No String Specifies the CMK ID, which indicates encryption in metadata. This parameter is used with __system__encrypted.
Encrypted images cannot be shared. A full-ECS image is shareable only when it is created from a CBR backup or from an ECS that has never had a CSBS backup. Full-ECS images created using other methods cannot be shared.
You can also use an encrypted image to create ECSs. For details, see Encrypting Images. Notes and Constraints If you use a full-ECS image to create an ECS, the EVS disks associated with the full-ECS image do not support the function of creating disks from a data disk image.
For details, see Managing Encrypted EVS Disks.
