检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
Run the following command: create role dbar login replication encrypted password 'xxxxx'; Run the following command to modify the /var/lib/pgsql/11/data/pg_hba.conf file and add the following content to the file: vim /var/lib/pgsql/11/data/pg_hba.conf host all 192.168.1.0/24 md5 #
Constraints N/A Range 0: indicates a non-encrypted disk. 1: indicates an encrypted disk. Default Value If this parameter does not exist, the system disk will not be encrypted by default.
If this parameter does not exist, the system disk will not be encrypted by default. __system__cmkid No String Specifies the CMK ID, which indicates encryption in metadata. This parameter is used with __system__encrypted.
The client alive messages are sent through the encrypted channel and will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable.
The value for some OSs is 0, indicating that password login is enabled. passwd: indicates the encrypted password. disable_root: whether to disable user root. You are advised to set this parameter to true. Procedure Log in to the Huawei Cloud console.
Constraints N/A Range 0: indicates a non-encrypted disk. 1: indicates an encrypted disk. Default Value If this parameter does not exist, the system disk will not be encrypted by default.
For details, see Managing Encrypted EVS Disks.
You can use an encrypted image or EVS disks when creating an ECS. In such a case, you need to use the key provided by DEW to improve data security.
Call the password obtaining APIs to obtain the ciphertext password of the public key encrypted using RSA. The API URI is in the format "GET /v2/{project_id}/servers/{server_id}/os-server-password".
If the image from which an ECS is created is not encrypted, the system disk of the ECS is not encrypted. If the image from which an ECS is created is encrypted, the system disk of the ECS is automatically encrypted. For details, see (Optional) Encryption-related parameters.
When creating an ECS, if you select an encrypted image, the system disk of the created ECS is automatically encrypted, improving data security. Use either of the following methods to create an encrypted image: Use an external image file. Use an existing encrypted ECS.
AK/SK authentication: Requests are encrypted using AK/SK pairs. AK/SK authentication is recommended because it is more secure than token authentication. Token Authentication The validity period of a token is 24 hours.
BitLocker volumes encrypted using QingTian TPM keys can only be used on the original instance. The QingTian TPM status of an ECS is not displayed in the ECS list. The QingTian TPM status is not included in image snapshots.
Encrypted images cannot be shared. A full-ECS image is shareable only when it is created from a CBR backup or from an ECS that has never had a CSBS backup. Full-ECS images created using other methods cannot be shared.
The data security administrator uses the command line tool obsutil to upload the encrypted ciphertext to a Huawei Cloud OBS bucket. For details, see Uploading an Object.
Only an encrypted private image can be created from an encrypted ECS. Name Set a name for the image. Enterprise Project Select an enterprise project from the drop-down list.
