Hello,
i want to create users on a centos system. the users use rsa keys to authenticate on the linux.
They have an PAM token to connect on the maria db on the system.
And with PAM they need an Linux password and the token to login to the maria.
The Users need no password to connect to the centos.
But the maria with PAM autentication need an correct linux password (and that is ok).
So i begin:
- name: add 2factorauth users
user:
name: “{{ item.user }}”
password: “{{ ‘{{ item.user }}’ | password_hash(‘sha512’) }}”
update_password : on_create
state: present
shell: /bin/bash
system: no
createhome: yes
home: “/home/{{ item.user }}”
with_items: “{{ two_factor_users }}”
This should generate a user with a password on a linux system.
And yes it generate a user. and yes this user has a password (encrypted in the /etc/shadow) but the user cant use this password to login to the maria.
if the user want to change the password with passwd he gets the error: authentication token manipulation error
So it seems the encrypted password is not correct. If i use my root account and create a new password for the user with passwd -f , the user can login to the mariadb with the password.
I checked the password encryption method on the linux instance. And yes this is sha512
What is wrong?