feat: 配置私钥密码

3 years ago · 11fd9a6567
9 changed files with 234 additions and 214 deletions
--- a/apps/applications/serializers/application.py
+++ b/apps/applications/serializers/application.py
@ -96,7 +96,7 @@ class AppAccountSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):
    class Meta:
        model = models.Account
        fields_mini = ['id', 'username', 'version']
-        fields_write_only = ['password', 'private_key']
+        fields_write_only = ['password', 'private_key', 'passphrase']
        fields_fk = ['systemuser', 'systemuser_display', 'app', 'app_display']
        fields = fields_mini + fields_fk + fields_write_only + [
            'type', 'type_display', 'category', 'category_display',
--- a/apps/assets/serializers/account.py
+++ b/apps/assets/serializers/account.py
@ -15,7 +15,7 @@ class AccountSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):
    class Meta:
        model = AuthBook
        fields_mini = ['id', 'username', 'ip', 'hostname', 'version']
-        fields_write_only = ['password', 'private_key', "public_key"]
+        fields_write_only = ['password', 'private_key', "public_key", 'passphrase']
        fields_other = ['date_created', 'date_updated', 'connectivity', 'date_verified', 'comment']
        fields_small = fields_mini + fields_write_only + fields_other
        fields_fk = ['asset', 'systemuser', 'systemuser_display']
--- a/apps/assets/serializers/base.py
+++ b/apps/assets/serializers/base.py
@ -1,10 +1,11 @@
 # -*- coding: utf-8 -*-
 #
+from io import StringIO

 from django.utils.translation import ugettext as _
 from rest_framework import serializers

-from common.utils import ssh_pubkey_gen, validate_ssh_private_key
+from common.utils import ssh_pubkey_gen, ssh_private_key_gen, validate_ssh_private_key


 class AuthSerializer(serializers.ModelSerializer):
@ -28,17 +29,27 @@ class AuthSerializer(serializers.ModelSerializer):
        return self.instance


-class AuthSerializerMixin:
+class AuthSerializerMixin(serializers.ModelSerializer):
+    passphrase = serializers.CharField(
+        allow_blank=True, allow_null=True, required=False, max_length=512,
+        write_only=True, label=_('Key password')
+    )
+
    def validate_password(self, password):
        return password

    def validate_private_key(self, private_key):
        if not private_key:
            return
-        password = self.initial_data.get("password")
-        valid = validate_ssh_private_key(private_key, password)
+        passphrase = self.initial_data.get('passphrase')
+        valid = validate_ssh_private_key(private_key, password=passphrase)
        if not valid:
-            raise serializers.ValidationError(_("private key invalid"))
+            raise serializers.ValidationError(_("private key invalid or passphrase error"))
+
+        private_key = ssh_private_key_gen(private_key, password=passphrase)
+        string_io = StringIO()
+        private_key.write_private_key(string_io)
+        private_key = string_io.getvalue()
        return private_key

    def validate_public_key(self, public_key):
@ -50,6 +61,7 @@ class AuthSerializerMixin:
            value = validated_data.get(field)
            if not value:
                validated_data.pop(field, None)
+        validated_data.pop('passphrase', None)

    def create(self, validated_data):
        self.clean_auth_fields(validated_data)
--- a/apps/assets/serializers/domain.py
+++ b/apps/assets/serializers/domain.py
@ -49,7 +49,7 @@ class GatewaySerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):
        model = Gateway
        fields_mini = ['id', 'name']
        fields_write_only = [
-            'password', 'private_key', 'public_key',
+            'password', 'private_key', 'public_key', 'passphrase'
        ]
        fields_small = fields_mini + fields_write_only + [
            'username', 'ip', 'port', 'protocol',
--- a/apps/assets/serializers/system_user.py
+++ b/apps/assets/serializers/system_user.py
@ -33,7 +33,7 @@ class SystemUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):
    class Meta:
        model = SystemUser
        fields_mini = ['id', 'name', 'username']
-        fields_write_only = ['password', 'public_key', 'private_key']
+        fields_write_only = ['password', 'public_key', 'private_key', 'passphrase']
        fields_small = fields_mini + fields_write_only + [
            'token', 'ssh_key_fingerprint',
            'type', 'type_display', 'protocol', 'is_asset_protocol',
@ -145,9 +145,9 @@ class SystemUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):

    def validate_password(self, password):
        super().validate_password(password)
-        auto_gen_key = self.get_initial_value("auto_generate_key", False)
-        private_key = self.get_initial_value("private_key")
-        login_mode = self.get_initial_value("login_mode")
+        auto_gen_key = self.get_initial_value('auto_generate_key', False)
+        private_key = self.get_initial_value('private_key')
+        login_mode = self.get_initial_value('login_mode')

        if not self.instance and not auto_gen_key and not password and \
                not private_key and login_mode == SystemUser.LOGIN_AUTO:
@ -191,9 +191,9 @@ class SystemUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):
        return attrs

    def _validate_gen_key(self, attrs):
-        username = attrs.get("username", "manual")
-        auto_gen_key = attrs.pop("auto_generate_key", False)
-        protocol = attrs.get("protocol")
+        username = attrs.get('username', 'manual')
+        auto_gen_key = attrs.pop('auto_generate_key', False)
+        protocol = attrs.get('protocol')

        if protocol not in SystemUser.SUPPORT_PUSH_PROTOCOLS:
            return attrs
@ -201,17 +201,17 @@ class SystemUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):
        # 自动生成
        if auto_gen_key and not self.instance:
            password = SystemUser.gen_password()
-            attrs["password"] = password
+            attrs['password'] = password
            if protocol == SystemUser.Protocol.ssh:
                private_key, public_key = SystemUser.gen_key(username)
-                attrs["private_key"] = private_key
-                attrs["public_key"] = public_key
+                attrs['private_key'] = private_key
+                attrs['public_key'] = public_key
        # 如果设置了private key，没有设置public key则生成
-        elif attrs.get("private_key", None):
-            private_key = attrs["private_key"]
-            password = attrs.get("password")
+        elif attrs.get('private_key'):
+            private_key = attrs['private_key']
+            password = attrs.get('password')
            public_key = ssh_pubkey_gen(private_key, password=password, username=username)
-            attrs["public_key"] = public_key
+            attrs['public_key'] = public_key
        return attrs

    def _validate_login_mode(self, attrs):
@ -236,7 +236,7 @@ class SystemUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):
    @classmethod
    def setup_eager_loading(cls, queryset):
        """ Perform necessary eager loading of data. """
-        queryset = queryset\
+        queryset = queryset \
            .annotate(assets_amount=Count("assets")) \
            .prefetch_related('nodes', 'cmd_filters')
        return queryset
--- a/apps/assets/urls/init.py
+++ b/apps/assets/urls/init.py
@ -1 +0,0 @@
-
--- a/apps/common/utils/encode.py
+++ b/apps/common/utils/encode.py
@ -22,7 +22,6 @@ from django.db.models.fields.files import FileField

 from .http import http_date

-
 UUID_PATTERN = re.compile(r'[0-9a-zA-Z\-]{36}')


@ -41,6 +40,7 @@ class Singleton(type):

 class Signer(metaclass=Singleton):
    """用来加密,解密,和基于时间戳的方式验证token"""
+
    def __init__(self, secret_key=None):
        self.secret_key = secret_key

@ -88,11 +88,16 @@ def ssh_key_string_to_obj(text, password=None):
    return key


-def ssh_pubkey_gen(private_key=None, username='jumpserver', hostname='localhost', password=None):
+def ssh_private_key_gen(private_key, password=None):
    if isinstance(private_key, bytes):
        private_key = private_key.decode("utf-8")
    if isinstance(private_key, string_types):
        private_key = ssh_key_string_to_obj(private_key, password=password)
+    return private_key
+
+
+def ssh_pubkey_gen(private_key=None, username='jumpserver', hostname='localhost', password=None):
+    private_key = ssh_private_key_gen(private_key, password=password)
    if not isinstance(private_key, (paramiko.RSAKey, paramiko.DSSKey)):
        raise IOError('Invalid private key')

@ -230,4 +235,3 @@ def model_to_json(instance, sort_keys=True, indent=2, cls=None):
    if cls is None:
        cls = DjangoJSONEncoder
    return json.dumps(data, sort_keys=sort_keys, indent=indent, cls=cls)
-
--- a/apps/locale/zh/LC_MESSAGES/django.mo
+++ b/apps/locale/zh/LC_MESSAGES/django.mo
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:151597996418474bb0ec965084ef04c8e1f93b6546b6829a1e0174e9e1f2e43a
-size 95238
+oid sha256:1393555be0b521cb6c09f61c20d5c6f93ce03e376208c1e90f2344421324c422
+size 95321
--- a/apps/locale/zh/LC_MESSAGES/django.po
+++ b/apps/locale/zh/LC_MESSAGES/django.po
@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: JumpServer 0.3.3\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2021-12-17 15:30+0800\n"
+"POT-Creation-Date: 2021-12-31 10:28+0800\n"
 "PO-Revision-Date: 2021-05-20 10:54+0800\n"
 "Last-Translator: ibuler <ibuler@qq.com>\n"
 "Language-Team: JumpServer team<ibuler@qq.com>\n"
@ -22,7 +22,7 @@ msgstr ""
 #: assets/models/base.py:175 assets/models/cluster.py:18
 #: assets/models/cmd_filter.py:23 assets/models/domain.py:24
 #: assets/models/group.py:20 assets/models/label.py:18 ops/mixin.py:24
-#: orgs/models.py:24 perms/models/base.py:44 settings/models.py:29
+#: orgs/models.py:24 perms/models/base.py:119 settings/models.py:29
 #: settings/serializers/sms.py:6 terminal/models/storage.py:23
 #: terminal/models/task.py:16 terminal/models/terminal.py:100
 #: users/forms/profile.py:32 users/models/group.py:15 users/models/user.py:549
@ -35,18 +35,18 @@ msgid "Name"
 msgstr "名称"

 #: acls/models/base.py:27 assets/models/cmd_filter.py:77
-#: assets/models/user.py:209
+#: assets/models/user.py:211
 msgid "Priority"
 msgstr "优先级"

 #: acls/models/base.py:28 assets/models/cmd_filter.py:77
-#: assets/models/user.py:209
+#: assets/models/user.py:211
 msgid "1-100, the lower the value will be match first"
 msgstr "优先级可选范围为 1-100 (数值越小越优先)"

 #: acls/models/base.py:31 authentication/models.py:17
 #: authentication/templates/authentication/_access_key_modal.html:32
-#: perms/models/base.py:48 terminal/models/sharing.py:24
+#: perms/models/base.py:124 terminal/models/sharing.py:24
 #: users/templates/users/_select_user_modal.html:18
 msgid "Active"
 msgstr "激活中"
@ -57,7 +57,7 @@ msgstr "激活中"
 #: assets/models/cmd_filter.py:44 assets/models/cmd_filter.py:87
 #: assets/models/domain.py:25 assets/models/domain.py:65
 #: assets/models/group.py:23 assets/models/label.py:23 ops/models/adhoc.py:37
-#: orgs/models.py:27 perms/models/base.py:53 settings/models.py:34
+#: orgs/models.py:27 perms/models/base.py:129 settings/models.py:34
 #: terminal/models/storage.py:26 terminal/models/terminal.py:114
 #: tickets/models/ticket.py:71 users/models/group.py:16
 #: users/models/user.py:585 xpack/plugins/change_auth_plan/models/base.py:41
@ -83,9 +83,9 @@ msgstr "登录复核"
 #: assets/models/cmd_filter.py:26 assets/models/label.py:15 audits/models.py:36
 #: audits/models.py:56 audits/models.py:74 audits/serializers.py:94
 #: authentication/models.py:47 orgs/models.py:19 orgs/models.py:433
-#: perms/models/base.py:45 templates/index.html:78
-#: terminal/backends/command/models.py:18
-#: terminal/backends/command/serializers.py:12 terminal/models/session.py:39
+#: perms/models/base.py:120 templates/index.html:78
+#: terminal/backends/command/models.py:19
+#: terminal/backends/command/serializers.py:12 terminal/models/session.py:40
 #: terminal/notifications.py:90 terminal/notifications.py:138
 #: tickets/models/comment.py:17 users/const.py:14 users/models/user.py:169
 #: users/models/user.py:756 users/models/user.py:782
@ -131,14 +131,14 @@ msgstr "系统用户"
 #: applications/serializers/attrs/application_category/remote_app.py:37
 #: assets/models/asset.py:356 assets/models/authbook.py:18
 #: assets/models/cmd_filter.py:34 assets/models/gathered_user.py:14
-#: assets/serializers/system_user.py:260 audits/models.py:38
-#: perms/models/asset_permission.py:99 templates/index.html:82
-#: terminal/backends/command/models.py:19
-#: terminal/backends/command/serializers.py:13 terminal/models/session.py:41
+#: assets/serializers/system_user.py:264 audits/models.py:38
+#: perms/models/asset_permission.py:24 templates/index.html:82
+#: terminal/backends/command/models.py:20
+#: terminal/backends/command/serializers.py:13 terminal/models/session.py:42
 #: terminal/notifications.py:89
 #: users/templates/users/user_asset_permission.html:40
 #: users/templates/users/user_asset_permission.html:70
-#: xpack/plugins/change_auth_plan/models/asset.py:200
+#: xpack/plugins/change_auth_plan/models/asset.py:199
 #: xpack/plugins/cloud/models.py:217
 msgid "Asset"
 msgstr "资产"
@ -167,8 +167,8 @@ msgstr "格式为逗号分隔的字符串, * 表示匹配所有. "
 #: ops/models/adhoc.py:148 users/forms/profile.py:31 users/models/user.py:547
 #: users/templates/users/_msg_user_created.html:12
 #: users/templates/users/_select_user_modal.html:14
-#: xpack/plugins/change_auth_plan/models/asset.py:35
-#: xpack/plugins/change_auth_plan/models/asset.py:196
+#: xpack/plugins/change_auth_plan/models/asset.py:34
+#: xpack/plugins/change_auth_plan/models/asset.py:195
 #: xpack/plugins/cloud/serializers/account_attrs.py:22
 msgid "Username"
 msgstr "用户名"
@ -209,7 +209,7 @@ msgid ""
 msgstr "格式为逗号分隔的字符串, * 表示匹配所有. 可选的协议有： {}"

 #: acls/serializers/login_asset_acl.py:55 assets/models/asset.py:214
-#: assets/models/domain.py:63 assets/models/user.py:210
+#: assets/models/domain.py:63 assets/models/user.py:212
 #: terminal/serializers/session.py:30 terminal/serializers/storage.py:69
 msgid "Protocol"
 msgstr "协议"
@ -219,7 +219,7 @@ msgid "Unsupported protocols: {}"
 msgstr "不支持的协议: {}"

 #: acls/serializers/login_asset_acl.py:98
-#: tickets/serializers/ticket/ticket.py:105
+#: tickets/serializers/ticket/ticket.py:104
 msgid "The organization `{}` does not exist"
 msgstr "组织 `{}` 不存在"

@ -260,16 +260,16 @@ msgstr "数据库"
 msgid "Remote app"
 msgstr "远程应用"

-#: applications/const.py:29
+#: applications/const.py:30
 msgid "Custom"
 msgstr "自定义"

 #: applications/models/account.py:11 assets/models/authbook.py:19
-#: assets/models/cmd_filter.py:38 assets/models/user.py:300 audits/models.py:39
+#: assets/models/cmd_filter.py:38 assets/models/user.py:302 audits/models.py:39
 #: perms/models/application_permission.py:32
-#: perms/models/asset_permission.py:101 templates/_nav.html:45
-#: terminal/backends/command/models.py:20
-#: terminal/backends/command/serializers.py:14 terminal/models/session.py:43
+#: perms/models/asset_permission.py:26 templates/_nav.html:45
+#: terminal/backends/command/models.py:21
+#: terminal/backends/command/serializers.py:14 terminal/models/session.py:44
 #: users/templates/users/_granted_assets.html:27
 #: users/templates/users/user_asset_permission.html:42
 #: users/templates/users/user_asset_permission.html:76
@ -306,10 +306,10 @@ msgstr "类别"

 #: applications/models/application.py:171
 #: applications/serializers/application.py:90 assets/models/cmd_filter.py:76
-#: assets/models/user.py:208 perms/models/application_permission.py:23
+#: assets/models/user.py:210 perms/models/application_permission.py:23
 #: perms/serializers/application/user_permission.py:34
 #: terminal/models/storage.py:55 terminal/models/storage.py:116
-#: tickets/models/flow.py:51 tickets/models/ticket.py:48
+#: tickets/models/flow.py:55 tickets/models/ticket.py:48
 #: tickets/serializers/ticket/meta/ticket_type/apply_application.py:29
 #: xpack/plugins/change_auth_plan/models/app.py:28
 #: xpack/plugins/change_auth_plan/models/app.py:153
@ -332,7 +332,7 @@ msgstr "应用程序"

 #: applications/serializers/application.py:59
 #: applications/serializers/application.py:89 assets/serializers/label.py:13
-#: perms/serializers/application/permission.py:16
+#: perms/serializers/application/permission.py:18
 #: tickets/serializers/ticket/meta/ticket_type/apply_application.py:26
 msgid "Category display"
 msgstr "类别名称"
@ -340,10 +340,10 @@ msgstr "类别名称"
 #: applications/serializers/application.py:60
 #: applications/serializers/application.py:91
 #: assets/serializers/system_user.py:27 audits/serializers.py:29
-#: perms/serializers/application/permission.py:17
+#: perms/serializers/application/permission.py:19
 #: tickets/serializers/ticket/meta/ticket_type/apply_application.py:33
-#: tickets/serializers/ticket/ticket.py:22
-#: tickets/serializers/ticket/ticket.py:169
+#: tickets/serializers/ticket/ticket.py:21
+#: tickets/serializers/ticket/ticket.py:172
 msgid "Type display"
 msgstr "类型名称"

@ -368,6 +368,7 @@ msgstr "主机"
 #: applications/serializers/attrs/application_type/mysql_workbench.py:22
 #: applications/serializers/attrs/application_type/oracle.py:11
 #: applications/serializers/attrs/application_type/pgsql.py:11
+#: applications/serializers/attrs/application_type/redis.py:11
 #: applications/serializers/attrs/application_type/sqlserver.py:11
 #: assets/models/asset.py:215 assets/models/domain.py:62
 #: settings/serializers/auth/radius.py:15
@ -383,11 +384,11 @@ msgid "Application path"
 msgstr "应用路径"

 #: applications/serializers/attrs/application_category/remote_app.py:45
-#: assets/serializers/system_user.py:159
-#: xpack/plugins/change_auth_plan/serializers/asset.py:64
-#: xpack/plugins/change_auth_plan/serializers/asset.py:67
-#: xpack/plugins/change_auth_plan/serializers/asset.py:70
-#: xpack/plugins/change_auth_plan/serializers/asset.py:101
+#: assets/serializers/system_user.py:163
+#: xpack/plugins/change_auth_plan/serializers/asset.py:65
+#: xpack/plugins/change_auth_plan/serializers/asset.py:68
+#: xpack/plugins/change_auth_plan/serializers/asset.py:71
+#: xpack/plugins/change_auth_plan/serializers/asset.py:102
 #: xpack/plugins/cloud/serializers/account_attrs.py:52
 msgid "This field is required."
 msgstr "该字段是必填项。"
@ -523,9 +524,9 @@ msgstr "主机名原始"
 msgid "Protocols"
 msgstr "协议组"

-#: assets/models/asset.py:219 assets/models/user.py:200
-#: perms/models/asset_permission.py:100
-#: xpack/plugins/change_auth_plan/models/asset.py:44
+#: assets/models/asset.py:219 assets/models/user.py:202
+#: perms/models/asset_permission.py:25
+#: xpack/plugins/change_auth_plan/models/asset.py:43
 #: xpack/plugins/gathered_user/models.py:24
 msgid "Nodes"
 msgstr "节点"
@ -536,7 +537,7 @@ msgid "Is active"
 msgstr "激活"

 #: assets/models/asset.py:223 assets/models/cluster.py:19
-#: assets/models/user.py:197 assets/models/user.py:349 templates/_nav.html:44
+#: assets/models/user.py:199 assets/models/user.py:351 templates/_nav.html:44
 msgid "Admin user"
 msgstr "特权用户"

@ -556,7 +557,7 @@ msgstr "标签管理"
 #: assets/models/cluster.py:28 assets/models/cmd_filter.py:48
 #: assets/models/cmd_filter.py:90 assets/models/group.py:21
 #: common/db/models.py:70 common/mixins/models.py:49 orgs/models.py:25
-#: orgs/models.py:437 perms/models/base.py:51 users/models/user.py:593
+#: orgs/models.py:437 perms/models/base.py:127 users/models/user.py:593
 #: users/serializers/group.py:33
 #: xpack/plugins/change_auth_plan/models/base.py:45
 #: xpack/plugins/cloud/models.py:119 xpack/plugins/gathered_user/models.py:30
@ -568,7 +569,7 @@ msgstr "创建者"
 #: assets/models/gathered_user.py:19 assets/models/group.py:22
 #: assets/models/label.py:25 common/db/models.py:72 common/mixins/models.py:50
 #: ops/models/adhoc.py:38 ops/models/command.py:29 orgs/models.py:26
-#: orgs/models.py:435 perms/models/base.py:52 users/models/group.py:18
+#: orgs/models.py:435 perms/models/base.py:128 users/models/group.py:18
 #: users/models/user.py:783 xpack/plugins/cloud/models.py:122
 msgid "Date created"
 msgstr "创建日期"
@ -599,15 +600,15 @@ msgstr "可连接性"
 msgid "Date verified"
 msgstr "校验日期"

-#: assets/models/base.py:178 xpack/plugins/change_auth_plan/models/asset.py:54
-#: xpack/plugins/change_auth_plan/models/asset.py:131
-#: xpack/plugins/change_auth_plan/models/asset.py:207
+#: assets/models/base.py:178 xpack/plugins/change_auth_plan/models/asset.py:53
+#: xpack/plugins/change_auth_plan/models/asset.py:130
+#: xpack/plugins/change_auth_plan/models/asset.py:206
 msgid "SSH private key"
 msgstr "SSH密钥"

-#: assets/models/base.py:179 xpack/plugins/change_auth_plan/models/asset.py:57
-#: xpack/plugins/change_auth_plan/models/asset.py:127
-#: xpack/plugins/change_auth_plan/models/asset.py:203
+#: assets/models/base.py:179 xpack/plugins/change_auth_plan/models/asset.py:56
+#: xpack/plugins/change_auth_plan/models/asset.py:126
+#: xpack/plugins/change_auth_plan/models/asset.py:202
 msgid "SSH public key"
 msgstr "SSH公钥"

@ -659,7 +660,7 @@ msgstr "系统"
 msgid "Default Cluster"
 msgstr "默认Cluster"

-#: assets/models/cmd_filter.py:30 perms/models/base.py:47
+#: assets/models/cmd_filter.py:30 perms/models/base.py:122
 #: templates/_nav.html:21 users/models/group.py:31 users/models/user.py:555
 #: users/templates/users/_select_user_modal.html:16
 #: users/templates/users/user_asset_permission.html:39
@ -678,7 +679,7 @@ msgid "Regex"
 msgstr "正则表达式"

 #: assets/models/cmd_filter.py:64 ops/models/command.py:25
-#: terminal/backends/command/serializers.py:15 terminal/models/session.py:50
+#: terminal/backends/command/serializers.py:15 terminal/models/session.py:51
 #: terminal/templates/terminal/_msg_command_alert.html:12
 #: terminal/templates/terminal/_msg_command_execute_alert.html:10
 msgid "Command"
@ -770,7 +771,7 @@ msgstr "新节点"
 msgid "empty"
 msgstr "空"

-#: assets/models/node.py:545 perms/models/asset_permission.py:176
+#: assets/models/node.py:545 perms/models/asset_permission.py:100
 msgid "Key"
 msgstr "键"

@ -778,11 +779,11 @@ msgstr "键"
 msgid "Full value"
 msgstr "全称"

-#: assets/models/node.py:550 perms/models/asset_permission.py:177
+#: assets/models/node.py:550 perms/models/asset_permission.py:101
 msgid "Parent key"
 msgstr "ssh私钥"

-#: assets/models/node.py:559 assets/serializers/system_user.py:259
+#: assets/models/node.py:559 assets/serializers/system_user.py:263
 #: users/templates/users/user_asset_permission.html:41
 #: users/templates/users/user_asset_permission.html:73
 #: users/templates/users/user_asset_permission.html:158
@ -790,75 +791,75 @@ msgstr "ssh私钥"
 msgid "Node"
 msgstr "节点"

-#: assets/models/user.py:191
+#: assets/models/user.py:193
 msgid "Automatic managed"
 msgstr "托管密码"

-#: assets/models/user.py:192
+#: assets/models/user.py:194
 msgid "Manually input"
 msgstr "手动输入"

-#: assets/models/user.py:196
+#: assets/models/user.py:198
 msgid "Common user"
 msgstr "普通用户"

-#: assets/models/user.py:199
+#: assets/models/user.py:201
 msgid "Username same with user"
 msgstr "用户名与用户相同"

-#: assets/models/user.py:202 assets/serializers/domain.py:29
+#: assets/models/user.py:204 assets/serializers/domain.py:29
 #: templates/_nav.html:39
 #: terminal/templates/terminal/_msg_command_execute_alert.html:16
-#: xpack/plugins/change_auth_plan/models/asset.py:40
+#: xpack/plugins/change_auth_plan/models/asset.py:39
 msgid "Assets"
 msgstr "资产"

-#: assets/models/user.py:206 templates/_nav.html:17
+#: assets/models/user.py:208 templates/_nav.html:17
 #: users/views/profile/pubkey.py:37
 msgid "Users"
 msgstr "用户管理"

-#: assets/models/user.py:207
+#: assets/models/user.py:209
 msgid "User groups"
 msgstr "用户组"

-#: assets/models/user.py:211
+#: assets/models/user.py:213
 msgid "Auto push"
 msgstr "自动推送"

-#: assets/models/user.py:212
+#: assets/models/user.py:214
 msgid "Sudo"
 msgstr "Sudo"

-#: assets/models/user.py:213
+#: assets/models/user.py:215
 msgid "Shell"
 msgstr "Shell"

-#: assets/models/user.py:214
+#: assets/models/user.py:216
 msgid "Login mode"
 msgstr "认证方式"

-#: assets/models/user.py:215
+#: assets/models/user.py:217
 msgid "SFTP Root"
 msgstr "SFTP根路径"

-#: assets/models/user.py:216 authentication/models.py:45
+#: assets/models/user.py:218 authentication/models.py:45
 msgid "Token"
 msgstr ""

-#: assets/models/user.py:217
+#: assets/models/user.py:219
 msgid "Home"
 msgstr "家目录"

-#: assets/models/user.py:218
+#: assets/models/user.py:220
 msgid "System groups"
 msgstr "用户组"

-#: assets/models/user.py:221
+#: assets/models/user.py:223
 msgid "User switch"
 msgstr "用户切换"

-#: assets/models/user.py:222
+#: assets/models/user.py:224
 msgid "Switch from"
 msgstr "切换自"

@ -903,18 +904,22 @@ msgstr "特权用户名称"
 msgid "CPU info"
 msgstr "CPU信息"

-#: assets/serializers/base.py:41
-msgid "private key invalid"
-msgstr "密钥不合法"
+#: assets/serializers/base.py:35
+msgid "Key password"
+msgstr "密钥密码"
+
+#: assets/serializers/base.py:47
+msgid "private key invalid or passphrase error"
+msgstr "密钥不合法或密钥密码错误"

 #: assets/serializers/domain.py:13 assets/serializers/label.py:12
 #: assets/serializers/system_user.py:59
-#: perms/serializers/asset/permission.py:72
+#: perms/serializers/asset/permission.py:49
 msgid "Assets amount"
 msgstr "资产数量"

 #: assets/serializers/domain.py:14
-#: perms/serializers/application/permission.py:43
+#: perms/serializers/application/permission.py:46
 msgid "Applications amount"
 msgstr "应用数量"

@ -943,11 +948,11 @@ msgid "Apps amount"
 msgstr "应用数量"

 #: assets/serializers/system_user.py:58
-#: perms/serializers/asset/permission.py:73
+#: perms/serializers/asset/permission.py:50
 msgid "Nodes amount"
 msgstr "节点数量"

-#: assets/serializers/system_user.py:60 assets/serializers/system_user.py:261
+#: assets/serializers/system_user.py:60 assets/serializers/system_user.py:265
 msgid "Login mode display"
 msgstr "认证方式名称"

@ -967,43 +972,43 @@ msgstr "仅支持ssh协议和自动登录的系统用户"
 msgid "Username same with user with protocol {} only allow 1"
 msgstr "用户名和用户相同的一种协议只允许存在一个"

-#: assets/serializers/system_user.py:114 common/validators.py:14
+#: assets/serializers/system_user.py:117 common/validators.py:14
 msgid "Special char not allowed"
 msgstr "不能包含特殊字符"

-#: assets/serializers/system_user.py:123
+#: assets/serializers/system_user.py:127
 msgid "* Automatic login mode must fill in the username."
 msgstr "自动登录模式，必须填写用户名"

-#: assets/serializers/system_user.py:138
+#: assets/serializers/system_user.py:142
 msgid "Path should starts with /"
 msgstr "路径应该以 / 开头"

-#: assets/serializers/system_user.py:150
+#: assets/serializers/system_user.py:154
 msgid "Password or private key required"
 msgstr "密码或密钥密码需要一个"

-#: assets/serializers/system_user.py:164
+#: assets/serializers/system_user.py:168
 msgid "Only ssh protocol system users are allowed"
 msgstr "仅允许ssh协议的系统用户"

-#: assets/serializers/system_user.py:168
+#: assets/serializers/system_user.py:172
 msgid "The protocol must be consistent with the current user: {}"
 msgstr "协议必须和当前用户保持一致: {}"

-#: assets/serializers/system_user.py:172
+#: assets/serializers/system_user.py:176
 msgid "Only system users with automatic login are allowed"
 msgstr "仅允许自动登录的系统用户"

-#: assets/serializers/system_user.py:277
+#: assets/serializers/system_user.py:281
 msgid "System user name"
 msgstr "系统用户名称"

-#: assets/serializers/system_user.py:278 orgs/mixins/serializers.py:26
+#: assets/serializers/system_user.py:282 orgs/mixins/serializers.py:26
 msgid "Org name"
 msgstr "组织名称"

-#: assets/serializers/system_user.py:287
+#: assets/serializers/system_user.py:291
 msgid "Asset hostname"
 msgstr "资产主机名"

@ -1157,7 +1162,7 @@ msgid "Symlink"
 msgstr "建立软链接"

 #: audits/models.py:37 audits/models.py:60 audits/models.py:76
-#: terminal/models/session.py:46 terminal/models/sharing.py:76
+#: terminal/models/session.py:47 terminal/models/sharing.py:76
 msgid "Remote addr"
 msgstr "远端地址"

@ -1174,8 +1179,8 @@ msgstr "文件名"
 msgid "Success"
 msgstr "成功"

-#: audits/models.py:43 ops/models/command.py:30 perms/models/base.py:49
-#: terminal/models/session.py:53
+#: audits/models.py:43 ops/models/command.py:30 perms/models/base.py:125
+#: terminal/models/session.py:54
 #: tickets/serializers/ticket/meta/ticket_type/apply_application.py:55
 #: tickets/serializers/ticket/meta/ticket_type/apply_asset.py:57
 #: xpack/plugins/change_auth_plan/models/base.py:109
@ -1273,7 +1278,7 @@ msgstr "认证方式"
 msgid "Operate display"
 msgstr "操作名称"

-#: audits/serializers.py:30 tickets/serializers/ticket/ticket.py:23
+#: audits/serializers.py:30 tickets/serializers/ticket/ticket.py:22
 msgid "Status display"
 msgstr "状态名称"

@ -1422,7 +1427,7 @@ msgstr "{AssetPermission} 添加 {UserGroup}"
 msgid "{AssetPermission} REMOVE {UserGroup}"
 msgstr "{AssetPermission} 移除 {UserGroup}"

-#: audits/signals_handler.py:132 perms/models/asset_permission.py:106
+#: audits/signals_handler.py:132 perms/models/asset_permission.py:30
 #: templates/_nav.html:78 users/templates/users/_user_detail_nav_header.html:31
 msgid "Asset permission"
 msgstr "资产授权"
@ -2329,15 +2334,15 @@ msgstr ""
 msgid "Unknown ip"
 msgstr "未知ip"

-#: common/validators.py:30
+#: common/validators.py:32
 msgid "This field must be unique."
 msgstr "字段必须唯一"

-#: common/validators.py:38
+#: common/validators.py:40
 msgid "Should not contains special characters"
 msgstr "不能包含特殊字符"

-#: common/validators.py:44
+#: common/validators.py:46
 msgid "The mobile phone number format is incorrect"
 msgstr "手机号格式不正确"

@ -2580,7 +2585,7 @@ msgstr "组织存在资源 ({}) 不能被删除"

 #: orgs/mixins/models.py:46 orgs/mixins/serializers.py:25 orgs/models.py:37
 #: orgs/models.py:432 orgs/serializers.py:106
-#: tickets/serializers/ticket/ticket.py:77
+#: tickets/serializers/ticket/ticket.py:76
 msgid "Organization"
 msgstr "组织"

@ -2609,61 +2614,61 @@ msgstr "管理员正在修改授权，请稍等"
 msgid "The authorization cannot be revoked for the time being"
 msgstr "该授权暂时不能撤销"

-#: perms/models/asset_permission.py:37 settings/serializers/terminal.py:12
+#: perms/models/asset_permission.py:133
+msgid "Ungrouped"
+msgstr "未分组"
+
+#: perms/models/asset_permission.py:135
+msgid "Favorite"
+msgstr "收藏夹"
+
+#: perms/models/base.py:56 settings/serializers/terminal.py:12
 msgid "All"
 msgstr "全部"

-#: perms/models/asset_permission.py:38
+#: perms/models/base.py:57
 msgid "Connect"
 msgstr "连接"

-#: perms/models/asset_permission.py:39
+#: perms/models/base.py:58
 msgid "Upload file"
 msgstr "上传文件"

-#: perms/models/asset_permission.py:40
+#: perms/models/base.py:59
 msgid "Download file"
 msgstr "下载文件"

-#: perms/models/asset_permission.py:41
+#: perms/models/base.py:60
 msgid "Upload download"
 msgstr "上传下载"

-#: perms/models/asset_permission.py:42
+#: perms/models/base.py:61
 msgid "Clipboard copy"
 msgstr "剪贴板复制"

-#: perms/models/asset_permission.py:43
+#: perms/models/base.py:62
 msgid "Clipboard paste"
 msgstr "剪贴板粘贴"

-#: perms/models/asset_permission.py:44
+#: perms/models/base.py:63
 msgid "Clipboard copy paste"
 msgstr "剪贴板复制粘贴"

-#: perms/models/asset_permission.py:102
-#: perms/serializers/application/permission.py:39
-#: perms/serializers/asset/permission.py:41
-#: perms/serializers/asset/permission.py:69
+#: perms/models/base.py:123 perms/serializers/application/permission.py:17
+#: perms/serializers/application/permission.py:42
+#: perms/serializers/asset/permission.py:18
+#: perms/serializers/asset/permission.py:46
 msgid "Actions"
 msgstr "动作"

-#: perms/models/asset_permission.py:209
-msgid "Ungrouped"
-msgstr "未分组"
-
-#: perms/models/asset_permission.py:211
-msgid "Favorite"
-msgstr "收藏夹"
-
-#: perms/models/base.py:50
+#: perms/models/base.py:126
 #: tickets/serializers/ticket/meta/ticket_type/apply_application.py:58
 #: tickets/serializers/ticket/meta/ticket_type/apply_asset.py:60
 #: users/models/user.py:590
 msgid "Date expired"
 msgstr "失效日期"

-#: perms/models/base.py:54
+#: perms/models/base.py:130
 msgid "From ticket"
 msgstr "来自工单"

@ -2699,59 +2704,59 @@ msgstr "应用授权规则即将过期"
 msgid "application permissions of organization {}"
 msgstr "组织 ({}) 的应用授权"

-#: perms/serializers/application/permission.py:18
-#: perms/serializers/application/permission.py:38
-#: perms/serializers/asset/permission.py:42
-#: perms/serializers/asset/permission.py:68 users/serializers/user.py:79
+#: perms/serializers/application/permission.py:20
+#: perms/serializers/application/permission.py:41
+#: perms/serializers/asset/permission.py:19
+#: perms/serializers/asset/permission.py:45 users/serializers/user.py:79
 msgid "Is valid"
 msgstr "账户是否有效"

-#: perms/serializers/application/permission.py:19
-#: perms/serializers/application/permission.py:37
-#: perms/serializers/asset/permission.py:43
-#: perms/serializers/asset/permission.py:67 users/serializers/user.py:28
+#: perms/serializers/application/permission.py:21
+#: perms/serializers/application/permission.py:40
+#: perms/serializers/asset/permission.py:20
+#: perms/serializers/asset/permission.py:44 users/serializers/user.py:28
 #: users/serializers/user.py:80
 msgid "Is expired"
 msgstr "已过期"

-#: perms/serializers/application/permission.py:40
-#: perms/serializers/asset/permission.py:70 users/serializers/group.py:34
+#: perms/serializers/application/permission.py:43
+#: perms/serializers/asset/permission.py:47 users/serializers/group.py:34
 msgid "Users amount"
 msgstr "用户数量"

-#: perms/serializers/application/permission.py:41
-#: perms/serializers/asset/permission.py:71
+#: perms/serializers/application/permission.py:44
+#: perms/serializers/asset/permission.py:48
 msgid "User groups amount"
 msgstr "用户组数量"

-#: perms/serializers/application/permission.py:42
-#: perms/serializers/asset/permission.py:74
+#: perms/serializers/application/permission.py:45
+#: perms/serializers/asset/permission.py:51
 msgid "System users amount"
 msgstr "系统用户数量"

-#: perms/serializers/application/permission.py:66
+#: perms/serializers/application/permission.py:88
 msgid ""
 "The application list contains applications that are different from the "
 "permission type. ({})"
 msgstr "应用列表中包含与授权类型不同的应用。({})"

-#: perms/serializers/asset/permission.py:44
+#: perms/serializers/asset/permission.py:21
 msgid "Users display"
 msgstr "用户名称"

-#: perms/serializers/asset/permission.py:45
+#: perms/serializers/asset/permission.py:22
 msgid "User groups display"
 msgstr "用户名称"

-#: perms/serializers/asset/permission.py:46
+#: perms/serializers/asset/permission.py:23
 msgid "Assets display"
 msgstr "资产名称"

-#: perms/serializers/asset/permission.py:47
+#: perms/serializers/asset/permission.py:24
 msgid "Nodes display"
 msgstr "节点名称"

-#: perms/serializers/asset/permission.py:48
+#: perms/serializers/asset/permission.py:25
 msgid "System users display"
 msgstr "系统用户名称"

@ -4282,30 +4287,30 @@ msgstr "有在线会话"
 msgid "Invalid elasticsearch config"
 msgstr "无效的 Elasticsearch 配置"

-#: terminal/backends/command/models.py:14
+#: terminal/backends/command/models.py:15
 msgid "Ordinary"
 msgstr "普通"

-#: terminal/backends/command/models.py:15
+#: terminal/backends/command/models.py:16
 msgid "Dangerous"
 msgstr "危险"

-#: terminal/backends/command/models.py:21
+#: terminal/backends/command/models.py:22
 msgid "Input"
 msgstr "输入"

-#: terminal/backends/command/models.py:22
+#: terminal/backends/command/models.py:23
 #: terminal/backends/command/serializers.py:16
 msgid "Output"
 msgstr "输出"

-#: terminal/backends/command/models.py:23 terminal/models/sharing.py:15
+#: terminal/backends/command/models.py:24 terminal/models/sharing.py:15
 #: terminal/models/sharing.py:58
 #: terminal/templates/terminal/_msg_command_alert.html:10
 msgid "Session"
 msgstr "会话"

-#: terminal/backends/command/models.py:24
+#: terminal/backends/command/models.py:25
 #: terminal/backends/command/serializers.py:18
 msgid "Risk level"
 msgstr "风险等级"
@ -4322,6 +4327,10 @@ msgstr "风险等级名称"
 msgid "Timestamp"
 msgstr "时间戳"

+#: terminal/backends/command/serializers.py:22 terminal/models/terminal.py:105
+msgid "Remote Address"
+msgstr "远端地址"
+
 #: terminal/const.py:32
 msgid "Critical"
 msgstr "严重"
@ -4347,15 +4356,15 @@ msgstr "不支持批量创建"
 msgid "Storage is invalid"
 msgstr "存储无效"

-#: terminal/models/session.py:45 terminal/models/sharing.py:81
+#: terminal/models/session.py:46 terminal/models/sharing.py:81
 msgid "Login from"
 msgstr "登录来源"

-#: terminal/models/session.py:49
+#: terminal/models/session.py:50
 msgid "Replay"
 msgstr "回放"

-#: terminal/models/session.py:54
+#: terminal/models/session.py:55
 msgid "Date end"
 msgstr "结束日期"

@ -4448,10 +4457,6 @@ msgstr ""
 msgid "type"
 msgstr "类型"

-#: terminal/models/terminal.py:105
-msgid "Remote Address"
-msgstr "远端地址"
-
 #: terminal/models/terminal.py:106
 msgid "SSH Port"
 msgstr "SSH端口"
@ -4795,28 +4800,24 @@ msgstr "用户显示名称"
 msgid "Body"
 msgstr "内容"

-#: tickets/models/flow.py:20 tickets/models/flow.py:56
+#: tickets/models/flow.py:18 tickets/models/flow.py:60
 #: tickets/models/ticket.py:25
 msgid "Approve level"
 msgstr "审批级别"

-#: tickets/models/flow.py:25 tickets/serializers/ticket/ticket.py:141
+#: tickets/models/flow.py:23 tickets/serializers/ticket/ticket.py:140
 msgid "Approve strategy"
 msgstr "审批策略"

-#: tickets/models/flow.py:30 tickets/serializers/ticket/ticket.py:142
+#: tickets/models/flow.py:28 tickets/serializers/ticket/ticket.py:141
 msgid "Assignees"
 msgstr "受理人"

-#: tickets/models/flow.py:34
-msgid "Assignees display"
-msgstr "受理人名称"
-
-#: tickets/models/flow.py:38
+#: tickets/models/flow.py:32
 msgid "Ticket flow approval rule"
 msgstr "工单批准信息"

-#: tickets/models/flow.py:61
+#: tickets/models/flow.py:65
 msgid "Ticket flow"
 msgstr "工单流程"

@ -4892,7 +4893,7 @@ msgstr "申请的系统用户名称"

 #: tickets/serializers/ticket/meta/ticket_type/apply_application.py:71
 #: tickets/serializers/ticket/meta/ticket_type/apply_asset.py:73
-#: tickets/serializers/ticket/ticket.py:128
+#: tickets/serializers/ticket/ticket.py:127
 msgid "Permission named `{}` already exists"
 msgstr "授权名称 `{}` 已存在"

@ -4952,7 +4953,7 @@ msgid "From cmd filter"
 msgstr "来自命令过滤规则"

 #: tickets/serializers/ticket/meta/ticket_type/common.py:11
-#: tickets/serializers/ticket/ticket.py:123
+#: tickets/serializers/ticket/ticket.py:122
 msgid "Created by ticket ({}-{})"
 msgstr "通过工单创建 ({}-{})"

@ -4972,21 +4973,25 @@ msgstr "登录系统用户"
 msgid "Login datetime"
 msgstr "登录日期"

-#: tickets/serializers/ticket/ticket.py:95
+#: tickets/serializers/ticket/ticket.py:94
 msgid ""
 "The `type` in the submission data (`{}`) is different from the type in the "
 "request url (`{}`)"
 msgstr "提交数据中的类型 (`{}`) 与请求URL地址中的类型 (`{}`) 不一致"

-#: tickets/serializers/ticket/ticket.py:116
+#: tickets/serializers/ticket/ticket.py:115
 msgid "The ticket flow `{}` does not exist"
 msgstr "工单流程 `{}` 不存在"

-#: tickets/serializers/ticket/ticket.py:163
+#: tickets/serializers/ticket/ticket.py:142
+msgid "Assignees display"
+msgstr "受理人名称"
+
+#: tickets/serializers/ticket/ticket.py:166
 msgid "Please select the Assignees"
 msgstr "请选择受理人"

-#: tickets/serializers/ticket/ticket.py:189
+#: tickets/serializers/ticket/ticket.py:192
 msgid "The current organization type already exists"
 msgstr "当前组织已存在该类型"

@ -5607,13 +5612,13 @@ msgid "The parameter 'action' must be [{}]"
 msgstr "参数 'action' 必须是 [{}]"

 #: xpack/plugins/change_auth_plan/meta.py:9
-#: xpack/plugins/change_auth_plan/models/asset.py:68
-#: xpack/plugins/change_auth_plan/models/asset.py:124
+#: xpack/plugins/change_auth_plan/models/asset.py:67
+#: xpack/plugins/change_auth_plan/models/asset.py:123
 msgid "Change auth plan"
 msgstr "改密计划"

 #: xpack/plugins/change_auth_plan/models/app.py:41
-#: xpack/plugins/change_auth_plan/models/asset.py:63
+#: xpack/plugins/change_auth_plan/models/asset.py:62
 #: xpack/plugins/change_auth_plan/serializers/base.py:44
 msgid "Recipient"
 msgstr "收件人"
@ -5636,29 +5641,29 @@ msgstr "应用"
 msgid "Application change auth plan task"
 msgstr "用用改密计划任务"

-#: xpack/plugins/change_auth_plan/models/asset.py:30
+#: xpack/plugins/change_auth_plan/models/asset.py:29
 msgid "Append SSH KEY"
 msgstr "追加"

-#: xpack/plugins/change_auth_plan/models/asset.py:31
+#: xpack/plugins/change_auth_plan/models/asset.py:30
 msgid "Empty and append SSH KEY"
 msgstr "清空所有并添加"

-#: xpack/plugins/change_auth_plan/models/asset.py:32
+#: xpack/plugins/change_auth_plan/models/asset.py:31
 msgid "Replace (The key generated by JumpServer) "
 msgstr "替换 (由 JumpServer 生成的密钥)"

-#: xpack/plugins/change_auth_plan/models/asset.py:50
-#: xpack/plugins/change_auth_plan/serializers/asset.py:33
+#: xpack/plugins/change_auth_plan/models/asset.py:49
+#: xpack/plugins/change_auth_plan/serializers/asset.py:34
 msgid "SSH Key strategy"
 msgstr "SSH 密钥策略"

-#: xpack/plugins/change_auth_plan/models/asset.py:135
-#: xpack/plugins/change_auth_plan/models/asset.py:211
+#: xpack/plugins/change_auth_plan/models/asset.py:134
+#: xpack/plugins/change_auth_plan/models/asset.py:210
 msgid "Change auth plan execution"
 msgstr "改密计划执行"

-#: xpack/plugins/change_auth_plan/models/asset.py:218
+#: xpack/plugins/change_auth_plan/models/asset.py:217
 msgid "Change auth plan task"
 msgstr "改密计划任务"

@ -5738,11 +5743,11 @@ msgstr ""
 "{} - 改密任务已完成: 未设置加密密码 - 请前往个人信息 -> 文件加密密码中设置加"
 "密密码"

-#: xpack/plugins/change_auth_plan/serializers/asset.py:30
+#: xpack/plugins/change_auth_plan/serializers/asset.py:31
 msgid "Change Password"
 msgstr "更改密码"

-#: xpack/plugins/change_auth_plan/serializers/asset.py:31
+#: xpack/plugins/change_auth_plan/serializers/asset.py:32
 msgid "Change SSH Key"
 msgstr "修改 SSH Key"

@ -5754,10 +5759,6 @@ msgstr "执行次数"
 msgid "Currently only mail sending is supported"
 msgstr "当前只支持邮件发送"

-#: xpack/plugins/change_auth_plan/task_handlers/base/handler.py:236
-msgid "After many attempts to change the secret, it still failed"
-msgstr "多次尝试改密后, 依然失败"
-
 #: xpack/plugins/change_auth_plan/serializers/base.py:57
 msgid "* Please enter the correct password length"
 msgstr "* 请输入正确的密码长度"
@ -5766,15 +5767,19 @@ msgstr "* 请输入正确的密码长度"
 msgid "* Password length range 6-30 bits"
 msgstr "* 密码长度范围 6-30 位"

-#: xpack/plugins/change_auth_plan/task_handlers/base/handler.py:249
+#: xpack/plugins/change_auth_plan/task_handlers/base/handler.py:236
+msgid "After many attempts to change the secret, it still failed"
+msgstr "多次尝试改密后, 依然失败"
+
+#: xpack/plugins/change_auth_plan/task_handlers/base/handler.py:255
 msgid "Invalid/incorrect password"
 msgstr "无效/错误 密码"

-#: xpack/plugins/change_auth_plan/task_handlers/base/handler.py:251
+#: xpack/plugins/change_auth_plan/task_handlers/base/handler.py:257
 msgid "Failed to connect to the host"
 msgstr "连接主机失败"

-#: xpack/plugins/change_auth_plan/task_handlers/base/handler.py:253
+#: xpack/plugins/change_auth_plan/task_handlers/base/handler.py:259
 msgid "Data could not be sent to remote"
 msgstr "无法将数据发送到远程"