Using the password utility

Support

Support for business applications

Kaspersky Scan Engine

March 5, 2024

ID 179831

This section describes how to use the kl_access_util utility. With this utility, you can do the following:

Reset the password for the admin account. After the reset, you can change the password in the Kaspersky Scan Engine GUI.
Set an API token used for authentication.

The kl_access_util utility is run from the command line as follows:

./kl_access_util [-r] | [-n <token-name> -t <token-value>] | [-v] | [-h]

The table below describes the kl_access_util options.

kl_access_util options

Option	Description
`-r` or `--reset_default_user`	Sets the password for the `admin` account to its default value `KAVAdmin!1`.
`-n <token-name>` or `--access-token-name <token-name>`	Specifies the name of an API token used for authentication. If the token with the specified name already exists, Kaspersky Scan Engine updates this token (replaces the old value with the new one specified in `-t` or `--access-token`). If the token with the specified name does not exist, Kaspersky Scan Engine creates a new token with the given name and value. Combine this option only with `-t` or `--access-token`.
`-t <token-value>` or `--access-token <token-value>`	Specifies the value of an API token used for authentication. The value is assigned to the token with the name specified in `-n` or `--access-token-name`. It can be either an existing token that the utility updates or a new token (see the description of the `-n` option). The value must be unique and contain from 4 to 100 ASCII characters. There must be at least one uppercase Latin letter, one lowercase Latin letter, one digit, and one of the following special characters: `-._~+/).` When creating or updating a token, the utility encrypts the token value. Combine this option only with `-n` or `--access-token-name`.
`-v` or `--version`	Prints the version of Kaspersky Scan Engine to the command line.
`-h` or `--help`	Prints the Help information about the kl_access_util utility to the command line.

Option

Description

-r

--reset_default_user

Sets the password for the admin account to its default value KAVAdmin!1.

-n <token-name>

--access-token-name <token-name>

Specifies the name of an API token used for authentication.

If the token with the specified name already exists, Kaspersky Scan Engine updates this token (replaces the old value with the new one specified in -t or --access-token).

If the token with the specified name does not exist, Kaspersky Scan Engine creates a new token with the given name and value.

Combine this option only with -t or --access-token.

-t <token-value>

--access-token <token-value>

Specifies the value of an API token used for authentication. The value is assigned to the token with the name specified in -n or --access-token-name. It can be either an existing token that the utility updates or a new token (see the description of the -n option).

The value must be unique and contain from 4 to 100 ASCII characters. There must be at least one uppercase Latin letter, one lowercase Latin letter, one digit, and one of the following special characters: -._~+/).

When creating or updating a token, the utility encrypts the token value.

Combine this option only with -n or --access-token-name.

-v

--version

Prints the version of Kaspersky Scan Engine to the command line.

-h

--help

Prints the Help information about the kl_access_util utility to the command line.

Kaspersky Professional Services

Implementation services. Health check and security system configuration. Contact us if you need expert help.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.