Obtaining the Password for Logging In to a Windows ECS

Scenarios

Password authentication is required to log in to a Windows ECS. You must use the private key bound to the ECS when the ECS was created to obtain the administrator password generated during the ECS creation. The administrator user is Administrator or the user configured using Cloudbase-Init. This password is randomly generated, offering high security.

You can obtain the initial password for logging in to a Windows ECS through the management console or APIs. For details, see this section.

Prerequisites

You have obtained the private key file (.pem file) which was generated during the ECS creation.

Obtaining the Password Through the Management Console

1. Obtain the private key file (.pem file) used when you created the ECS.

2. Log in to the management console.

3. Click in the upper left corner and select your region and project.

4. Under Computing, click Elastic Cloud Server.

5. On the Elastic Cloud Server page, select the target ECS.

6. In the Operation column, click More and select Get Password.

   

   Figure 1 Get Password

7. Use either of the following methods to obtain the password through the private key:

   • Click Select File and upload the private key from a local directory.

   • Copy the content of the private key file and paste it into the text box.

8. Click Get Password to obtain a random password.

Obtaining the Password Through APIs

1. Obtain the private key file (.pem file) used when you created the ECS.

2. Set up the API calling environment.

3. Call APIs. For details, see API Usage Guidelines in the Elastic Cloud Server API Reference.

4. Obtain the ciphertext password.

   Call the password obtaining APIs to obtain the ciphertext password of the public key encrypted using RSA. The API URI is in the format "GET /v2/{project_id}/servers/{server_id}/os-server-password".

   Note

   For details, see Obtaining the Password for Logging In to an ECS.

5. Decrypt the ciphertext password.

   Use the private key file used when you created the ECS to decrypt the ciphertext password obtained in step 4.

   1. Run the following command to convert the ciphertext password format to ".key -nocrypt" using OpenSSL:

      openssl pkcs8 -topk8 -inform PEM -outform DER -in rsa_pem.key -out pkcs8_der.key -nocrypt

   2. Invoke the Java class library org.bouncycastle.jce.provider.BouncyCastleProvider and use the key file to edit the code decryption ciphertext.

last updated: 2025-06-26 09:47 UTC - commit: 9bc220f9df70ac25a7715046d9386516a5eac4ec