I would expect that you can change the password on the console, using
`boot_command`?

On Thu, Jan 17, 2019, 04:38 Bart Van Bos <[email protected] wrote:

> Hi all,
>
> I am trying to use packer to create Vagrant boxes for the F5 Networks
> BigIQ Virtual instances (ISO based). My configuration looks like this:
>
> {
>   "variables": {
>     "F5_NAME": "BIGIP-14.0.0-0.0.2187"
>   },
>   "builders": [
>     {
>       "name": "{{ user `F5_NAME` }}",
>       "type": "virtualbox-iso",
>       "iso_url": "software/{{ user `F5_NAME` }}.iso",
>       "iso_checksum": "4b503178ab6fb80a07a41940f507c681",
>       "iso_checksum_type": "md5",
>       "ssh_username": "root",
>       "ssh_password": "default",
>       "ssh_wait_timeout": "30000s",
>       "headless": "false",
>       "shutdown_command": "shutdown -h now",
>       "guest_additions_mode": "disable",
>       "guest_os_type": "Linux_64",
>       "vm_name": "{{ user `F5_NAME` }}",
>       "boot_wait": "60s",
>       "boot_command": [
>         "<enter><wait5>",
>         "<enter><wait5>",
>         "<enter>"
>       ],
>       "cpus":  "2",
>       "disk_size": "160000",
>       "format": "ovf",
>       "memory": "4096",
>       "vboxmanage": [
>         ["modifyvm","{{.Name}}","--memory","4096"],
>         ["modifyvm","{{.Name}}","--cpus","2"],
>         ["modifyvm","{{.Name}}","--nic1","NAT"],
>         ["modifyvm","{{.Name}}","--boot1","disk"]
>       ]
>     }
>   ],
>   "post-processors": [
>     {
>       "type": "vagrant",
>       "compression_level": 9,
>       "output": "{{ build_name }}.box"
>     }
>   ],
>   "provisioners": [
>     {
>       "type": "shell",
>       "inline": [
>         "mkdir /shared/vagrant",
>         "exit 0"
>       ],
>       "pause_before": "60s"
>     },
>     {
>       "type": "file",
>       "source": "files",
>       "destination": "/shared/vagrant"
>     }, ...
>   ]
> }
>
>
> The default administrator password combination is root/default, but F5 has
> several measures to avoid insecure installations:
>
>    1. The password is marked expired after initial installation, so you
>    are forced to change the password.
>    2. The new password has to comply the password policy (should not be
>    based on a dictionary word, like "default")
>
> REF: https://support.f5.com/csp/article/K10612010
>
> As a result, I am not able to login with SSH and the virtualbox-iso based
> packer build fails, before the provisioners can kick-off.
>
> packer: -- Question 1: You are required to change your password
> immediately (root enforced)
> packer: Changing password for root.
> packer: (current) UNIX password:
> packer: Keyboard interactive challenge:
> packer: -- User:
> packer: -- Instructions:
> packer: -- Question 1: New BIG-IP password:
> packer: Keyboard interactive challenge:
> packer: -- User:
> packer: -- Instructions:
> packer: -- Question 1: BAD PASSWORD: it is based on a dictionary word
> packer: New BIG-IP password:
> packer: Keyboard interactive challenge:
> packer: -- User:
> packer: -- Instructions:
> packer: -- Question 1: BAD PASSWORD: it is based on a dictionary word
> packer: New BIG-IP password:
> packer: Keyboard interactive challenge:
> packer: -- User:
> packer: -- Instructions: BAD PASSWORD: it is based on a dictionary word
> packer: [DEBUG] SSH handshake err: ssh: handshake failed: ssh: unable to
> authenticate, attempted methods [keyboard-interactive none], no supported
> methods remain
> packer: [DEBUG] Detected authentication error. Increasing handshake
> attempts.
>
>
> In a normal interactive shell it would look like this:
>
> login: root
> Password:     (default)
> You are required to change your password immediately (root enforced)
> Changing password for root.
> (current) UNIX password:      (default)
> New BIG-IP password:
> BAD PASSWORD: it is based on a dictionary word
> New BIG-IP password:
> BAD PASSWORD: it is based on a dictionary word
>
>
> Is there support for this kind of scenario in packer or a way to hack this
> into it?
>
>       "ssh_username": "root",
>       "ssh_password": "default",
>       *"ssh_new_password": "somethingmoresafe",*
>       "ssh_wait_timeout": "30000s",
>
> Best regards,
> Bart
>
> --
> This mailing list is governed under the HashiCorp Community Guidelines -
> https://www.hashicorp.com/community-guidelines.html. Behavior in
> violation of those guidelines may result in your removal from this mailing
> list.
>
> GitHub Issues: https://github.com/mitchellh/packer/issues
> IRC: #packer-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups
> "Packer" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/packer-tool/624988a5-eaad-4a7c-a82f-a5e11caf66d3%40googlegroups.com
> <https://groups.google.com/d/msgid/packer-tool/624988a5-eaad-4a7c-a82f-a5e11caf66d3%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
This mailing list is governed under the HashiCorp Community Guidelines - 
https://www.hashicorp.com/community-guidelines.html. Behavior in violation of 
those guidelines may result in your removal from this mailing list.

GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
--- 
You received this message because you are subscribed to the Google Groups 
"Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/packer-tool/CALz9Rt9nZahTzRrejy82cYHBkkH1o-dwC010LA4-Yrq%2BR-r_SQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to