Hi. I've been using XCP-ng Center to manage my homelab for a while, but recently decided to give Xen Orchestra a go (mostly due to the fantastic backup options which are provided with the Premium package or built from source option). I'm enjoying using it so far (apart from an issue with some mouse and keyboard input lag, which I'm going to look more into myself to see if I can improve), but when I exported the Xen Orchestra configuration (from Settings -> Config -> Export/Download Current Config), I noticed that the resulting .json file contains the passwords for the two hosts in my homelab in plaintext.
Is this an intentional decision or an oversight? Shouldn't the password hashes be stored in the .json file (as they appear to be for the users)? Does Xen Orchestra need to store plaintext versions to connect to the hosts? Maybe I'm missing something, but would appreciate some clarification, thanks.