Hi all,

I am trying to use packer to create Vagrant boxes for the F5 Networks BigIQ 
Virtual instances (ISO based). My configuration looks like this:

{
  "variables": {
    "F5_NAME": "BIGIP-14.0.0-0.0.2187"
  },
  "builders": [
    {
      "name": "{{ user `F5_NAME` }}",
      "type": "virtualbox-iso",
      "iso_url": "software/{{ user `F5_NAME` }}.iso",
      "iso_checksum": "4b503178ab6fb80a07a41940f507c681",
      "iso_checksum_type": "md5",
      "ssh_username": "root",
      "ssh_password": "default",
      "ssh_wait_timeout": "30000s",
      "headless": "false",
      "shutdown_command": "shutdown -h now",
      "guest_additions_mode": "disable",
      "guest_os_type": "Linux_64",
      "vm_name": "{{ user `F5_NAME` }}",
      "boot_wait": "60s",
      "boot_command": [
        "<enter><wait5>",
        "<enter><wait5>",
        "<enter>"
      ],
      "cpus":  "2",
      "disk_size": "160000",
      "format": "ovf",
      "memory": "4096",
      "vboxmanage": [
        ["modifyvm","{{.Name}}","--memory","4096"],
        ["modifyvm","{{.Name}}","--cpus","2"],
        ["modifyvm","{{.Name}}","--nic1","NAT"],
        ["modifyvm","{{.Name}}","--boot1","disk"]
      ]
    }
  ],
  "post-processors": [
    {
      "type": "vagrant",
      "compression_level": 9,
      "output": "{{ build_name }}.box"
    }
  ],
  "provisioners": [
    {
      "type": "shell",
      "inline": [
        "mkdir /shared/vagrant",
        "exit 0"
      ],
      "pause_before": "60s"
    },
    {
      "type": "file",
      "source": "files",
      "destination": "/shared/vagrant"
    }, ...
  ]
}


The default administrator password combination is root/default, but F5 has 
several measures to avoid insecure installations:

   1. The password is marked expired after initial installation, so you are 
   forced to change the password.
   2. The new password has to comply the password policy (should not be 
   based on a dictionary word, like "default") 

REF: https://support.f5.com/csp/article/K10612010

As a result, I am not able to login with SSH and the virtualbox-iso based 
packer build fails, before the provisioners can kick-off.

packer: -- Question 1: You are required to change your password immediately 
(root enforced)
packer: Changing password for root.
packer: (current) UNIX password:
packer: Keyboard interactive challenge:
packer: -- User:
packer: -- Instructions:
packer: -- Question 1: New BIG-IP password:
packer: Keyboard interactive challenge:
packer: -- User:
packer: -- Instructions:
packer: -- Question 1: BAD PASSWORD: it is based on a dictionary word
packer: New BIG-IP password:
packer: Keyboard interactive challenge:
packer: -- User:
packer: -- Instructions:
packer: -- Question 1: BAD PASSWORD: it is based on a dictionary word
packer: New BIG-IP password:
packer: Keyboard interactive challenge:
packer: -- User:
packer: -- Instructions: BAD PASSWORD: it is based on a dictionary word
packer: [DEBUG] SSH handshake err: ssh: handshake failed: ssh: unable to 
authenticate, attempted methods [keyboard-interactive none], no supported 
methods remain
packer: [DEBUG] Detected authentication error. Increasing handshake 
attempts.


In a normal interactive shell it would look like this:

login: root
Password:     (default)
You are required to change your password immediately (root enforced)
Changing password for root.
(current) UNIX password:      (default)
New BIG-IP password:
BAD PASSWORD: it is based on a dictionary word 
New BIG-IP password:
BAD PASSWORD: it is based on a dictionary word 


Is there support for this kind of scenario in packer or a way to hack this 
into it?

      "ssh_username": "root",
      "ssh_password": "default",
      *"ssh_new_password": "somethingmoresafe",*
      "ssh_wait_timeout": "30000s",

Best regards,
Bart

-- 
This mailing list is governed under the HashiCorp Community Guidelines - 
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of 
those guidelines may result in your removal from this mailing list.

GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
--- 
You received this message because you are subscribed to the Google Groups 
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/packer-tool/624988a5-eaad-4a7c-a82f-a5e11caf66d3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to