Scribd
Upload
147 views

How To Secure Your SimpleRisk VM

This document provides instructions to secure the default passwords on a SimpleRisk VM by changing passwords for MySQL, disk encryption, Ubuntu users, and the SimpleRisk admin account. It recommends users log in with the initial 'simplerisk' password and update to strong, unique passwords for improved security before using the VM extensively. Steps are outlined to change passwords for the MySQL root user and simplerisk user, disk encryption, Ubuntu user and root accounts, and SimpleRisk admin account.

Uploaded by

sofon
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
147 views

How To Secure Your SimpleRisk VM

This document provides instructions to secure the default passwords on a SimpleRisk VM by changing passwords for MySQL, disk encryption, Ubuntu users, and the SimpleRisk admin account. It recommends users log in with the initial 'simplerisk' password and update to strong, unique passwords for improved security before using the VM extensively. Steps are outlined to change passwords for the MySQL root user and simplerisk user, disk encryption, Ubuntu user and root accounts, and SimpleRisk admin account.

Uploaded by

sofon
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

This short guide will go over the steps required to remove and replace the original “simplerisk”

passwords for the SimpleRisk VM. We strongly recommend anyone using the VM to update
these passwords before extensive use of the VM image.

You will want to have strong passwords to replace these with and store them securely.

Securing MySQL:

1) Log in to the VM via the console (or enable SSH access and log in that way) using user
"simplerisk" and password "simplerisk".
2) Grab the current root password created at installation from the text file found at
/root/passwords.txt.
3)Run the command "mysqladmin -u root -p password MyNewRootPass" to change the
password for root. When prompted the original password is "simplerisk".
4) Log into mysql as root with the command "mysql -u root -p" and enter the new root password.
5) Run the command "use mysql;"
6) Run the command "UPDATE user SET authentication_string=PASSWORD('MyNewPass') where
USER='simplerisk';" to update the password for the simplerisk user.

7) Run the command "flush privileges;"


8) Run the command "quit" to exit mysql
9) Run the command "sudo bash"
10) Run the command "cd /var/www/simplerisk/includes"
11) Edit the config.php file. Find the line that reads "DB_PASSWORD" and update the
password to the value used for "MyNewSRPass" above.

Securing Your Disk Encryption:


This only applies with older versions of the SimpleRisk VM that come already encrypted at the disk level.

1) Use sudo bash and enter the password "simplerisk"


2) Now using the command "cryptsetup luksAddKey /dev/sda5" you will be asked to
enter a current disk encryption password which will be "simplerisk".
3) Next you will enter your new strong disk encryption password.
4) Last use the command "cryptsetup luksRemoveKey /dev/sda5" and enter the original
encryption password "simplerisk" this will remove the original password and you will
now need to use your new password to decrypt the VM disk.

Securing Ubuntu SimpleRisk User/Root Passwords:

1) Log in to the VM via the console (or enable SSH access and log in that way) using user
"simplerisk" and password "simplerisk".
2) Once logged in type “passwd”, this will ask you for the old password which is “simplerisk”
then ask you to repeat your new password twice to confirm the change. Keep this safe and
readily available as you will need it in the next steps
3) Next to change the root password type “sudo passwd root” and then the password for your
user which by default was “simplerisk” and now should be whatever you just set it to on the
previous step.
4) Now type a new strong password for the root account, then confirm the password a second
time.

Securing the Admin account in SimpleRisk:

1) We will now change the SimpleRisk "admin" password, first go ahead and login to
your SimpleRisk using the following credentials:
Username: admin
Password: admin
2) Click "Admin" at the far top right and select "My Profile" from the drop down
3) Scroll down to the last section and you will see fields to enter the current password.
("admin")
4) Now enter your new strong password and repeat.
5) Finally click update and you will have updated your SimpleRisk Admin password.

You have now taken your first major steps to securing your SimpleRisk VM
If you have any questions about these steps or any concerns in general please contact us using
[email protected]. Thank you.

You might also like