I would expect that you can change the password on the console, using `boot_command`?
On Thu, Jan 17, 2019, 04:38 Bart Van Bos <[email protected] wrote: > Hi all, > > I am trying to use packer to create Vagrant boxes for the F5 Networks > BigIQ Virtual instances (ISO based). My configuration looks like this: > > { > "variables": { > "F5_NAME": "BIGIP-14.0.0-0.0.2187" > }, > "builders": [ > { > "name": "{{ user `F5_NAME` }}", > "type": "virtualbox-iso", > "iso_url": "software/{{ user `F5_NAME` }}.iso", > "iso_checksum": "4b503178ab6fb80a07a41940f507c681", > "iso_checksum_type": "md5", > "ssh_username": "root", > "ssh_password": "default", > "ssh_wait_timeout": "30000s", > "headless": "false", > "shutdown_command": "shutdown -h now", > "guest_additions_mode": "disable", > "guest_os_type": "Linux_64", > "vm_name": "{{ user `F5_NAME` }}", > "boot_wait": "60s", > "boot_command": [ > "<enter><wait5>", > "<enter><wait5>", > "<enter>" > ], > "cpus": "2", > "disk_size": "160000", > "format": "ovf", > "memory": "4096", > "vboxmanage": [ > ["modifyvm","{{.Name}}","--memory","4096"], > ["modifyvm","{{.Name}}","--cpus","2"], > ["modifyvm","{{.Name}}","--nic1","NAT"], > ["modifyvm","{{.Name}}","--boot1","disk"] > ] > } > ], > "post-processors": [ > { > "type": "vagrant", > "compression_level": 9, > "output": "{{ build_name }}.box" > } > ], > "provisioners": [ > { > "type": "shell", > "inline": [ > "mkdir /shared/vagrant", > "exit 0" > ], > "pause_before": "60s" > }, > { > "type": "file", > "source": "files", > "destination": "/shared/vagrant" > }, ... > ] > } > > > The default administrator password combination is root/default, but F5 has > several measures to avoid insecure installations: > > 1. The password is marked expired after initial installation, so you > are forced to change the password. > 2. The new password has to comply the password policy (should not be > based on a dictionary word, like "default") > > REF: https://support.f5.com/csp/article/K10612010 > > As a result, I am not able to login with SSH and the virtualbox-iso based > packer build fails, before the provisioners can kick-off. > > packer: -- Question 1: You are required to change your password > immediately (root enforced) > packer: Changing password for root. > packer: (current) UNIX password: > packer: Keyboard interactive challenge: > packer: -- User: > packer: -- Instructions: > packer: -- Question 1: New BIG-IP password: > packer: Keyboard interactive challenge: > packer: -- User: > packer: -- Instructions: > packer: -- Question 1: BAD PASSWORD: it is based on a dictionary word > packer: New BIG-IP password: > packer: Keyboard interactive challenge: > packer: -- User: > packer: -- Instructions: > packer: -- Question 1: BAD PASSWORD: it is based on a dictionary word > packer: New BIG-IP password: > packer: Keyboard interactive challenge: > packer: -- User: > packer: -- Instructions: BAD PASSWORD: it is based on a dictionary word > packer: [DEBUG] SSH handshake err: ssh: handshake failed: ssh: unable to > authenticate, attempted methods [keyboard-interactive none], no supported > methods remain > packer: [DEBUG] Detected authentication error. Increasing handshake > attempts. > > > In a normal interactive shell it would look like this: > > login: root > Password: (default) > You are required to change your password immediately (root enforced) > Changing password for root. > (current) UNIX password: (default) > New BIG-IP password: > BAD PASSWORD: it is based on a dictionary word > New BIG-IP password: > BAD PASSWORD: it is based on a dictionary word > > > Is there support for this kind of scenario in packer or a way to hack this > into it? > > "ssh_username": "root", > "ssh_password": "default", > *"ssh_new_password": "somethingmoresafe",* > "ssh_wait_timeout": "30000s", > > Best regards, > Bart > > -- > This mailing list is governed under the HashiCorp Community Guidelines - > https://www.hashicorp.com/community-guidelines.html. Behavior in > violation of those guidelines may result in your removal from this mailing > list. > > GitHub Issues: https://github.com/mitchellh/packer/issues > IRC: #packer-tool on Freenode > --- > You received this message because you are subscribed to the Google Groups > "Packer" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/packer-tool/624988a5-eaad-4a7c-a82f-a5e11caf66d3%40googlegroups.com > <https://groups.google.com/d/msgid/packer-tool/624988a5-eaad-4a7c-a82f-a5e11caf66d3%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/packer/issues IRC: #packer-tool on Freenode --- You received this message because you are subscribed to the Google Groups "Packer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/CALz9Rt9nZahTzRrejy82cYHBkkH1o-dwC010LA4-Yrq%2BR-r_SQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
