Previously I used this to assign random passwords to users:
======================
- name: "Set value to 'salt'"
set_fact:
salt: "{{ lookup('password', '/dev/null length=8 chars=ascii_letters')
}}"
delegate_to: localhost
- name: "Set value to 'newPassword'"
set_fact:
newPassword: "{{ lookup('password', '/dev/null length=15
chars=ascii_letters') }}"
delegate_to: localhost
- name: "Get encrypted command"
shell: python -c 'import crypt; print crypt.crypt("{{ newPassword }}",
"$6${{ salt }}$")'
register: encryptCommand
delegate_to: localhost
changed_when: false
- name: "Set value to 'encriptedPassword'"
set_fact:
encriptedPassword: "{{ encryptCommand.stdout }}"
- name: Change root password
user:
name: root
update_password: always
password: "{{ encriptedPassword }}"
- debug:
msg: "New password for root is: {{ newPassword }}"
======================
El viernes, 11 de junio de 2021 a la(s) 14:32:01 UTC-5, [email protected]
escribió:
> For the record,
> I tried this as well on Debian 10 buster (ansible 2.7) and with the
> ansible from the backports repository (ansible 2.9)
>
>
> Op vrijdag 11 juni 2021 om 20:59:25 UTC+2 schreef Joost Ringoot:
>
>>
>> Hello,
>>
>> I am trying to change a password with ansible but it doesn't work. I
>> don't see why it is not working. Do you see what is going wrong? see
>> screenshot or cli below
>> [image: Screenshot from 2021-06-11 20-49-25.png]
>> [pipo@install-me ~]$ ansible all -i localhost, -m debug -a "msg={{
>> 'Een.voorbeeld.passwoord' | password_hash('sha512') }}"
>> localhost | SUCCESS => {
>> "msg":
>> "$6$sTmb9Vaxxd9fOGyC$AueAkwgO1M.qnKtKrtAFuPN5iTt0h.Dl1DcLSx9a/fqGTpltbuWAB3ZO.wsQOJTH95l3DIz/blpKFDezAzXhL."
>> }
>> [pipo@install-me ~]$ ansible localhost -m user -a "name=jopy
>> update_password=always password={{
>> '$6$sTmb9Vaxxd9fOGyC$AueAkwgO1M.qnKtKrtAFuPN5iTt0h.Dl1DcLSx9a/fqGTpltbuWAB3ZO.wsQOJTH95l3DIz/blpKFDezAzXhL.'
>>
>> | password_hash('sha512') }}" -u root
>> localhost | CHANGED => {
>> "ansible_facts": {
>> "discovered_interpreter_python": "/usr/bin/python"
>> },
>> "append": false,
>> "changed": true,
>> "comment": "",
>> "group": 1004,
>> "home": "/home/jopy",
>> "move_home": false,
>> "name": "jopy",
>> "password": "NOT_LOGGING_PASSWORD",
>> "shell": "/bin/bash",
>> "state": "present",
>> "uid": 1004
>> }
>> [pipo@install-me ~]$ su - jopy
>> Password:
>> su: Authentication failure
>> [pipo@install-me ~]$ exit
>> logout
>> [root@install-me ~]# passwd jopy
>> Changing password for user jopy.
>> New password:
>> Retype new password:
>> passwd: all authentication tokens updated successfully.
>> [root@install-me ~]# su - pipo
>> Last login: Fre Jun 11 20:40:54 CEST 2021 on pts/0
>> [pipo@install-me ~]$ su - jopy
>> Password:
>> Last login: Fri Jun 11 20:42:32 CEST 2021 from localhost on pts/1
>> Last failed login: Fri Jun 11 20:48:35 CEST 2021 on pts/0
>> There were 3 failed login attempts since the last successful login.
>> [jopy@install-me ~]$ ansible --version
>> ansible 2.9.21
>> config file = /etc/ansible/ansible.cfg
>> configured module search path =
>> [u'/home/jopy/.ansible/plugins/modules',
>> u'/usr/share/ansible/plugins/modules']
>> ansible python module location =
>> /usr/lib/python2.7/site-packages/ansible
>> executable location = /bin/ansible
>> python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5
>> 20150623 (Red Hat 4.8.5-44)]
>> [jopy@install-me ~]$ cat /etc/*release
>> CentOS Linux release 7.9.2009 (Core)
>> NAME="CentOS Linux"
>> VERSION="7 (Core)"
>> ID="centos"
>> ID_LIKE="rhel fedora"
>> VERSION_ID="7"
>> PRETTY_NAME="CentOS Linux 7 (Core)"
>> ANSI_COLOR="0;31"
>> CPE_NAME="cpe:/o:centos:centos:7"
>> HOME_URL="https://www.centos.org/";
>> BUG_REPORT_URL="https://bugs.centos.org/";
>>
>> CENTOS_MANTISBT_PROJECT="CentOS-7"
>> CENTOS_MANTISBT_PROJECT_VERSION="7"
>> REDHAT_SUPPORT_PRODUCT="centos"
>> REDHAT_SUPPORT_PRODUCT_VERSION="7"
>>
>> CentOS Linux release 7.9.2009 (Core)
>> CentOS Linux release 7.9.2009 (Core)
>> [jopy@install-me ~]$ uname -a
>> Linux install-me 3.10.0-1160.6.1.el7.x86_64 #1 SMP Tue Nov 17 13:59:11
>> UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
>> [jopy@install-me ~]$
>>
>> Thanks ahead
>>
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/f028e9da-dc1a-4bea-bc19-75e396b3c9aen%40googlegroups.com.
