Help with securing password

Hi,

Can someone help me with the below please?

I have a role with the following task in

roles/passwd/tasks/main.yml

  - name: Change user1 password
    user: name=user1 update_password=always password={{ user1_password }}

I have this variable in my group vars

inventories/reporting/all.yml

user1_password: "{{ 'user1passwd' | password_hash('sha512') }}"

  1. The task runs without issue, but if I try to log in with user1 and user1passwd it does not work.

  2. I want to move the var out of all.yml and into a vault, but I am not sure how Ansible will find the password if it's not in all.yml?

Thanks,

Phil

Can you provide more details on the “does not work” when you log in? If the playbook does report that it changed it (or on the second run reports “ok”), then as far as Ansible can tell it’s set. There might be something on your system denying the login.

On my Fedora 28 workstation with Ansible 2.6.1 this playbook called “pwd.yml”: