cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
JoostRingoot2
Cadet
Cadet
‎06-11-2021 09:23 PM
  • 4,921 Views

changing the password with ansible

I would like to change the root password and the password of some other accounts with ansible. Password is changed: it is no longer the old one, but it doesn't work.
Am I doing something wrong, or have I run into a bug?
The post is here
https://groups.google.com/g/ansible-project/c/5dXLPJWKPRg/m/5As6ZfVuBwAJ

BTW: I was searching for a stack exchange site, but there isn't one for ansible, those are very handy for end users to help each other. Very good searchable.
I think there is a need.
https://stackexchange.com/sites#

Labels (3)
Join the discussion
7 Replies
_Komal_
Mission Specialist
Mission Specialist
‎06-12-2021 04:08 AM
  • 4,892 Views

Hey you can try using the verbose or else while creating the user you can give the password.

JoostRingoot3
Mission Specialist
Mission Specialist
‎06-15-2021 08:40 AM
  • 4,785 Views


Thanks for the reply.
What do you mean with verbose? Code example?

I need to change the password of existing users, on >200 machines, in a safe way.


I was following this procedur
https://docs.ansible.com/ansible/latest/reference_appendices/faq.html


Screenshot from 2021-06-11 20-49-25.png

Fran_Garcia
Starfighter Starfighter
Starfighter
‎06-15-2021 09:25 AM
  • 4,777 Views

I think you are hashing your password twice, and that is wrong:

 

ansible localhost -m user -a "name=jopy update_password=always password={{ '$6$sTmb9Vaxxd9fOGyC$AueAkwgO1M.qnKtKrtAFuPN5iTt0h.Dl1DcLSx9a/fqGTpltbuWAB3ZO.wsQOJTH95l3DIz/blpKFDezAzXhL.' | password_hash('sha512') }}" -u root

 

This should work:

 

ansible localhost -m user -a "name=jopy update_password=always password= '$6$sTmb9Vaxxd9fOGyC$AueAkwgO1M.qnKtKrtAFuPN5iTt0h.Dl1DcLSx9a/fqGTpltbuWAB3ZO.wsQOJTH95l3DIz/blpKFDezAzXhL.'" -u root

 

JoostRingoot3
Mission Specialist
Mission Specialist
‎06-15-2021 11:03 AM
  • 4,768 Views

Thanks for the input Fran, but it didn't work for me. (BTW: I use selection cp/paste buffer (=middle mouse button, after classic password change, it works)
Did it work for you?Screenshot from 2021-06-15 12-06-46.png

0 Kudos
_Komal_
Mission Specialist
Mission Specialist
‎06-16-2021 02:26 PM
  • 4,731 Views

The format is correct the problem is you are allready hasing the password and again using the sha512 so seems like this is creating the issue just give the normal password or you can use the variable is you are using vault to hide. And the verbose is just using -vvvv with the command it will give more clearity what is happening behind the sence.

Hope this would help you!

0 Kudos
JoostRingoot3
Mission Specialist
Mission Specialist
‎06-16-2021 09:11 AM
  • 4,743 Views

This worked:

ansible localhost -m user -a "name=jopy update_password=always password={{ 'Een.voorbeeld.passwoord' | password_hash('sha512') }}" -u root

That will have to do it then I guess

_Komal_
Mission Specialist
Mission Specialist
‎06-16-2021 02:16 PM
  • 4,736 Views

ansible -i hostfile all -m user -a "name=admin update_password=always password={{ newpassword|password_hash('sha512') }}" -b --extra-vars "newpassword=12345678"

Try using this command.

Join the discussion
You must log in to join this conversation.
Red Hat Learning Community

Red Hat

Learning Community

A collaborative learning environment, enabling open source skill development.

Red Hat Inc. Copyright ?2024 Red Hat, Inc. Privacy policy Terms of use