[Puppet Users] Re: Creating Users and Hashing it's password.
password => sha1('your password')
On Thursday, June 9, 2011 at 12:38:36 AM UTC+5:30, vella1tj wrote:
>
> Hi everyone I would like to first of all say thanks to anyone willing
> to help me.
>
> I was tasked with creating a Admin account using puppet to push to all
> of our Macs that we have deployed around the Campus.
>
> user {'sysop':
> #uid => 500,
> #groups => 'admin',
> comment=> 'Sysop',
> ensure=> present,
> home => '/home/sysop',
> shell => '/bin/bash',
> managehome => true,
> password=> 'Haven't figured out the best way to
> hash
> a password and put it in here.,
> }
>
> That's what I have so far, I don't believe I understand how Hash works
> completely. The way I understand it is it will have a hash in the
> password field and it will compare it to other hashes to match what
> the password would be. So what I was hoping to get help on (or
> anything i've done wrong or you would recommend me doing different) is
> how do i set a resource for the hash do i put it in my files directory
> and then point it to there is there anything special I have to do
> so puppet understands that it's hash.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/7c04c981-9fdb-42a8-9114-60f47897e762%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Creating Users and Hashing it's password.
You could also use the built in sha1 function to let puppet generate the
hashed version for you.
Like this:
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= sha1('plaintextpasswordhere'),
}
On Wednesday, June 8, 2011 9:08:36 PM UTC+2, vella1tj wrote:
Hi everyone I would like to first of all say thanks to anyone willing
to help me.
I was tasked with creating a Admin account using puppet to push to all
of our Macs that we have deployed around the Campus.
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= 'Haven't figured out the best way to
hash
a password and put it in here.,
}
That's what I have so far, I don't believe I understand how Hash works
completely. The way I understand it is it will have a hash in the
password field and it will compare it to other hashes to match what
the password would be. So what I was hoping to get help on (or
anything i've done wrong or you would recommend me doing different) is
how do i set a resource for the hash do i put it in my files directory
and then point it to there is there anything special I have to do
so puppet understands that it's hash.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Creating Users and Hashing it's password.
On Sun, Jun 12, 2011 at 10:42 AM, Alexandre Martani amart...@gmail.comwrote:
On Ubuntu/Debian, you can generate the hash using:
mkpasswd -m sha-512
I don't know if it works on Mac, but the output of it looks like the same
as the examples posted on this topic, so I think it should work.
Mac OS X has a more complex password hash with required zero padding that is
rather annoying.
user { 'demo':
ensure = 'present',
comment = 'demo',
gid = '20',
home = '/Users/demo',
password =
'E2FA8B0FC98C9C3D20C346F59145BAF0BBF2352709CF',
shell= '/bin/bash',
uid = '502',
}
Told you it was annoying :)
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Creating Users and Hashing it's password.
Yep, I figured it out thanks to you guys. Now it's just getting that
darn home folder to get created:) Again thanks for the replies you
guys are awesome.
On Jun 13, 9:56 am, Nigel Kersten ni...@puppetlabs.com wrote:
On Sun, Jun 12, 2011 at 10:42 AM, Alexandre Martani amart...@gmail.comwrote:
On Ubuntu/Debian, you can generate the hash using:
mkpasswd -m sha-512
I don't know if it works on Mac, but the output of it looks like the same
as the examples posted on this topic, so I think it should work.
Mac OS X has a more complex password hash with required zero padding that is
rather annoying.
user { 'demo':
ensure = 'present',
comment = 'demo',
gid = '20',
home = '/Users/demo',
password =
'00
000
000E2FA8B0FC98C9C3D20C346F59145BAF0BBF2352709CF
000
000
000
000
000
000
000
000
000
000
000
000
000
0',
shell = '/bin/bash',
uid = '502',
}
Told you it was annoying :)
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Creating Users and Hashing it's password.
On Ubuntu/Debian, you can generate the hash using: mkpasswd -m sha-512 I don't know if it works on Mac, but the output of it looks like the same as the examples posted on this topic, so I think it should work.* * -- You received this message because you are subscribed to the Google Groups Puppet Users group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/xhepExgRm0AJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
[Puppet Users] Re: Creating Users and Hashing it's password.
Thank you all for the quick responses I really do appreciate it, you
guys are awesome!!!
On Jun 8, 5:38 pm, Nigel Kersten ni...@puppetlabs.com wrote:
On Wed, Jun 8, 2011 at 2:38 PM, Nigel Kersten ni...@puppetlabs.com wrote:
On Wed, Jun 8, 2011 at 2:11 PM, Denmat tu2bg...@gmail.com wrote:
Hi,
If your password hash has any $ in it the ... will puppet make try to
expand it.
You need password = '$1$effggfdg' (single quotes).
I like using puppet resource for this.
Set the password for an account, and use puppet resource to generate the
manifest, removing the attributes you don't want to manage.
I forgot to show the actual command:
$ puppet resource user nigel
user { 'nigel':
ensure = 'present',
comment = 'nigel,,,',
gid = '1000',
groups = ['dialout', 'cdrom', 'floppy', 'audio', 'video',
'plugdev'],
home = '/home/nigel',
password =
'$6$fPUohVXH$bYZY38RJIKKUK9fF6U/taOZfOwFdRoBnRkZOV71lGIWVMj96nOwWOAMp5EGbfJ
UjbrnHP/EvszbRkZgWYRkL3.',
password_max_age = '9',
password_min_age = '0',
shell = '/bin/bash',
uid = '1000',
}
That's a test account. The password is trivial enough that you can probably
crack it :)
cheers,
Den
On 09/06/2011, at 5:18, vella1tj vella...@gmail.com wrote:
so If I changed it to
user {'sysop':
#uid = 500,
#groups = 'admin',
comment = 'Sysop',
ensure = present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password = Hash
}
Hash being the hash from /etc/shadow that would be all I needed?
On Jun 8, 3:12 pm, Nathan Clemons nat...@livemocha.com wrote:
What I do is set the password on one host, and then copy the hash out
of
/etc/shadow into the Puppet definition to be set on the other hosts.
By default the Puppet providers expect that the password field will be
hashed as used on the system, not plaintext.
--
Nathan Clemonshttp://www.livemocha.com
The worlds largest online language learning community
On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:
Hi everyone I would like to first of all say thanks to anyone willing
to help me.
I was tasked with creating a Admin account using puppet to push to all
of our Macs that we have deployed around the Campus.
user {'sysop':
#uid = 500,
#groups = 'admin',
comment = 'Sysop',
ensure = present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password = 'Haven't figured out the best way to
hash
a password and put it in here.,
}
That's what I have so far, I don't believe I understand how Hash works
completely. The way I understand it is it will have a hash in the
password field and it will compare it to other hashes to match what
the password would be. So what I was hoping to get help on (or
anything i've done wrong or you would recommend me doing different) is
how do i set a resource for the hash do i put it in my files directory
and then point it to there is there anything special I have to do
so puppet understands that it's hash.
--
You received this message because you are subscribed to the Google
Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
Nigel Kersten
Product, Puppet Labs
@nigelkersten
--
Nigel Kersten
Product, Puppet Labs
@nigelkersten
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To
[Puppet Users] Re: Creating Users and Hashing it's password.
so If I changed it to
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= Hash
}
Hash being the hash from /etc/shadow that would be all I needed?
On Jun 8, 3:12 pm, Nathan Clemons nat...@livemocha.com wrote:
What I do is set the password on one host, and then copy the hash out of
/etc/shadow into the Puppet definition to be set on the other hosts.
By default the Puppet providers expect that the password field will be
hashed as used on the system, not plaintext.
--
Nathan Clemonshttp://www.livemocha.com
The worlds largest online language learning community
On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:
Hi everyone I would like to first of all say thanks to anyone willing
to help me.
I was tasked with creating a Admin account using puppet to push to all
of our Macs that we have deployed around the Campus.
user {'sysop':
#uid = 500,
#groups = 'admin',
comment = 'Sysop',
ensure = present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password = 'Haven't figured out the best way to hash
a password and put it in here.,
}
That's what I have so far, I don't believe I understand how Hash works
completely. The way I understand it is it will have a hash in the
password field and it will compare it to other hashes to match what
the password would be. So what I was hoping to get help on (or
anything i've done wrong or you would recommend me doing different) is
how do i set a resource for the hash do i put it in my files directory
and then point it to there is there anything special I have to do
so puppet understands that it's hash.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Creating Users and Hashing it's password.
Hi,
If your password hash has any $ in it the ... will puppet make try to expand
it.
You need password = '$1$effggfdg' (single quotes).
cheers,
Den
On 09/06/2011, at 5:18, vella1tj vella...@gmail.com wrote:
so If I changed it to
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= Hash
}
Hash being the hash from /etc/shadow that would be all I needed?
On Jun 8, 3:12 pm, Nathan Clemons nat...@livemocha.com wrote:
What I do is set the password on one host, and then copy the hash out of
/etc/shadow into the Puppet definition to be set on the other hosts.
By default the Puppet providers expect that the password field will be
hashed as used on the system, not plaintext.
--
Nathan Clemonshttp://www.livemocha.com
The worlds largest online language learning community
On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:
Hi everyone I would like to first of all say thanks to anyone willing
to help me.
I was tasked with creating a Admin account using puppet to push to all
of our Macs that we have deployed around the Campus.
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= 'Haven't figured out the best way to hash
a password and put it in here.,
}
That's what I have so far, I don't believe I understand how Hash works
completely. The way I understand it is it will have a hash in the
password field and it will compare it to other hashes to match what
the password would be. So what I was hoping to get help on (or
anything i've done wrong or you would recommend me doing different) is
how do i set a resource for the hash do i put it in my files directory
and then point it to there is there anything special I have to do
so puppet understands that it's hash.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Creating Users and Hashing it's password.
On Wed, Jun 8, 2011 at 2:11 PM, Denmat tu2bg...@gmail.com wrote:
Hi,
If your password hash has any $ in it the ... will puppet make try to
expand it.
You need password = '$1$effggfdg' (single quotes).
I like using puppet resource for this.
Set the password for an account, and use puppet resource to generate the
manifest, removing the attributes you don't want to manage.
user { 'nigel':
ensure = 'present',
comment = 'nigel,,,',
gid = '1000',
groups = ['dialout', 'cdrom', 'floppy', 'audio', 'video',
'plugdev'],
home = '/home/nigel',
password =
'$6$fPUohVXH$bYZY38RJIKKUK9fF6U/taOZfOwFdRoBnRkZOV71lGIWVMj96nOwWOAMp5EGbfJUjbrnHP/EvszbRkZgWYRkL3.',
password_max_age = '9',
password_min_age = '0',
shell= '/bin/bash',
uid = '1000',
}
That's a test account. The password is trivial enough that you can probably
crack it :)
cheers,
Den
On 09/06/2011, at 5:18, vella1tj vella...@gmail.com wrote:
so If I changed it to
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= Hash
}
Hash being the hash from /etc/shadow that would be all I needed?
On Jun 8, 3:12 pm, Nathan Clemons nat...@livemocha.com wrote:
What I do is set the password on one host, and then copy the hash out of
/etc/shadow into the Puppet definition to be set on the other hosts.
By default the Puppet providers expect that the password field will be
hashed as used on the system, not plaintext.
--
Nathan Clemonshttp://www.livemocha.com
The worlds largest online language learning community
On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:
Hi everyone I would like to first of all say thanks to anyone willing
to help me.
I was tasked with creating a Admin account using puppet to push to all
of our Macs that we have deployed around the Campus.
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= 'Haven't figured out the best way to
hash
a password and put it in here.,
}
That's what I have so far, I don't believe I understand how Hash works
completely. The way I understand it is it will have a hash in the
password field and it will compare it to other hashes to match what
the password would be. So what I was hoping to get help on (or
anything i've done wrong or you would recommend me doing different) is
how do i set a resource for the hash do i put it in my files directory
and then point it to there is there anything special I have to do
so puppet understands that it's hash.
--
You received this message because you are subscribed to the Google
Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
Nigel Kersten
Product, Puppet Labs
@nigelkersten
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Creating Users and Hashing it's password.
On Wed, Jun 8, 2011 at 2:38 PM, Nigel Kersten ni...@puppetlabs.com wrote:
On Wed, Jun 8, 2011 at 2:11 PM, Denmat tu2bg...@gmail.com wrote:
Hi,
If your password hash has any $ in it the ... will puppet make try to
expand it.
You need password = '$1$effggfdg' (single quotes).
I like using puppet resource for this.
Set the password for an account, and use puppet resource to generate the
manifest, removing the attributes you don't want to manage.
I forgot to show the actual command:
$ puppet resource user nigel
user { 'nigel':
ensure = 'present',
comment = 'nigel,,,',
gid = '1000',
groups = ['dialout', 'cdrom', 'floppy', 'audio', 'video',
'plugdev'],
home = '/home/nigel',
password =
'$6$fPUohVXH$bYZY38RJIKKUK9fF6U/taOZfOwFdRoBnRkZOV71lGIWVMj96nOwWOAMp5EGbfJUjbrnHP/EvszbRkZgWYRkL3.',
password_max_age = '9',
password_min_age = '0',
shell= '/bin/bash',
uid = '1000',
}
That's a test account. The password is trivial enough that you can probably
crack it :)
cheers,
Den
On 09/06/2011, at 5:18, vella1tj vella...@gmail.com wrote:
so If I changed it to
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= Hash
}
Hash being the hash from /etc/shadow that would be all I needed?
On Jun 8, 3:12 pm, Nathan Clemons nat...@livemocha.com wrote:
What I do is set the password on one host, and then copy the hash out
of
/etc/shadow into the Puppet definition to be set on the other hosts.
By default the Puppet providers expect that the password field will be
hashed as used on the system, not plaintext.
--
Nathan Clemonshttp://www.livemocha.com
The worlds largest online language learning community
On Wed, Jun 8, 2011 at 12:08 PM, vella1tj vella...@gmail.com wrote:
Hi everyone I would like to first of all say thanks to anyone willing
to help me.
I was tasked with creating a Admin account using puppet to push to all
of our Macs that we have deployed around the Campus.
user {'sysop':
#uid = 500,
#groups = 'admin',
comment= 'Sysop',
ensure= present,
home = '/home/sysop',
shell = '/bin/bash',
managehome = true,
password= 'Haven't figured out the best way to
hash
a password and put it in here.,
}
That's what I have so far, I don't believe I understand how Hash works
completely. The way I understand it is it will have a hash in the
password field and it will compare it to other hashes to match what
the password would be. So what I was hoping to get help on (or
anything i've done wrong or you would recommend me doing different) is
how do i set a resource for the hash do i put it in my files directory
and then point it to there is there anything special I have to do
so puppet understands that it's hash.
--
You received this message because you are subscribed to the Google
Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google
Groups Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
--
Nigel Kersten
Product, Puppet Labs
@nigelkersten
--
Nigel Kersten
Product, Puppet Labs
@nigelkersten
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
