changing a password with ansible

44 views
Skip to first unread message

Joost Ringoot

unread,
Jun 11, 2021, 2:59:25 PM6/11/21
to Ansible Project

Hello,

I am trying to change a password with ansible but it doesn't work. I don't see why it is not working. Do you see what is going wrong? see screenshot or cli below
Screenshot from 2021-06-11 20-49-25.png
[pipo@install-me ~]$ ansible all -i localhost, -m debug -a "msg={{ 'Een.voorbeeld.passwoord' | password_hash('sha512') }}"
localhost | SUCCESS => {
    "msg": "$6$sTmb9Vaxxd9fOGyC$AueAkwgO1M.qnKtKrtAFuPN5iTt0h.Dl1DcLSx9a/fqGTpltbuWAB3ZO.wsQOJTH95l3DIz/blpKFDezAzXhL."
}
[pipo@install-me ~]$ ansible localhost -m user -a "name=jopy update_password=always password={{ '$6$sTmb9Vaxxd9fOGyC$AueAkwgO1M.qnKtKrtAFuPN5iTt0h.Dl1DcLSx9a/fqGTpltbuWAB3ZO.wsQOJTH95l3DIz/blpKFDezAzXhL.' | password_hash('sha512') }}" -u root
localhost | CHANGED => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/bin/python"
    },
    "append": false,
    "changed": true,
    "comment": "",
    "group": 1004,
    "home": "/home/jopy",
    "move_home": false,
    "name": "jopy",
    "password": "NOT_LOGGING_PASSWORD",
    "shell": "/bin/bash",
    "state": "present",
    "uid": 1004
}
[pipo@install-me ~]$ su - jopy
Password:
su: Authentication failure
[pipo@install-me ~]$ exit
logout
[root@install-me ~]# passwd jopy
Changing password for user jopy.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@install-me ~]# su - pipo
Last login: Fre Jun 11 20:40:54 CEST 2021 on pts/0
[pipo@install-me ~]$ su - jopy
Password:
Last login: Fri Jun 11 20:42:32 CEST 2021 from localhost on pts/1
Last failed login: Fri Jun 11 20:48:35 CEST 2021 on pts/0
There were 3 failed login attempts since the last successful login.
[jopy@install-me ~]$ ansible --version
ansible 2.9.21
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/jopy/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /bin/ansible
  python version = 2.7.5 (default, Nov 16 2020, 22:23:17) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
[jopy@install-me ~]$ cat /etc/*release
CentOS Linux release 7.9.2009 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

CentOS Linux release 7.9.2009 (Core)
CentOS Linux release 7.9.2009 (Core)
[jopy@install-me ~]$ uname -a
Linux install-me 3.10.0-1160.6.1.el7.x86_64 #1 SMP Tue Nov 17 13:59:11 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[jopy@install-me ~]$

Thanks ahead


Joost Ringoot

unread,
Jun 11, 2021, 3:32:01 PM6/11/21
to Ansible Project
For the record,
I tried this as well on Debian 10 buster (ansible 2.7) and with the ansible from the backports repository (ansible 2.9)


Op vrijdag 11 juni 2021 om 20:59:25 UTC+2 schreef Joost Ringoot:
Message has been deleted

John Petro

unread,
Jun 16, 2021, 10:04:53 AM6/16/21
to ansible...@googlegroups.com
Maybe I am reading this wrong, but I think that by you putting the password hash inside {{ }}, that ansible may be interpreting it as a variable.  I would have to poke and see if that is the actual case or not.

--John

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/fd4cce30-3c17-4860-aaa6-9f3b8b7e7f49n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages