Change Secrets and Passwords (Required)¶
Last Updated: November 2021
The default secret key and passwords should be changed to secure the VM immediately after provisioning it.
Change Secret Key¶
portal_config.yml has been configured with a default
SECRET_KEY that should be changed. Use a tool like RandomKeygen to generate a new key (e.g.: CodeIgniter Encryption Key or 256-bit WEP Key). Update the
SECRET_KEY value as follows:
tethys settings --set SECRET_KEY <new_key>
Restart the Tethys service afterward:
sudo systemctl restart tethys
All user accounts have default passwords that should be changed to secure passwords soon after creating the VM. Use a password generator like xkpasswd or similar to create strong and unique passwords for the following accounts:
Tethys User Account
Tethys Portal Admin User
Database Users (postgres, tethys_default, tethys_super)
Failure to change the passwords on your Tethys Portal server will make it vulnerable to attack! Do not keep the default passwords!
If you did not change the password of the
tethys user in the Orientation to Azure VM tutorial, do so now:
sudo passwd tethys
Change the passwords for the database users as follows:
sudo su - postgres -c psql
ALTER USERqueries to change the passwords:
ALTER USER <user_name> WITH PASSWORD '<new_password>';
tethys settings --set DATABASES.default.PASSWORD <tethys_default_password>
Restart the tethys service to apply the changes to
sudo systemctl restart tethys.service
Tethys Portal Admin¶
Create a new portal admin account and delete the default account as follows:
tethys db createsuperuser --pn <username> --pe <email> --pp <password>
Log in to the Tethys Portal with the new admin account.
Select Site Admin from the dropdown menu at the top-right.
Click on the Users link under the AUTHENTICATION AND AUTHORIZATION section.
Check the box next to the admin user and
Select Delete selected users from the Actions dropdown and press the Go button.