Is there a particular reason to have user passwords set?
I recommend not setting user passwords on the user definitions, only
allow login via ssh with keys, and set sudo up for users that need
root access with "NOPASSWD".
This is consistent with recommendations from security experts such as
SANS Institute, too :).
--
On Sat, Sep 25, 2010 at 12:47 PM, < "> > wrote:
> I want to use chef to maintain users with a default password while allowing the
> user to change their password. Each time I rerun chef-client, the user's
> password gets reset. Is there a way I can keep it from resetting back to the
> default? I'm thinking about only adding the password param if the entry isn't
> already in /etc/passwd but it seems like there should be an easier way?
>
Opscode, Inc
Joshua Timberman, Senior Solutions Engineer
C: 720.878.4322 E: ">
Archive powered by MHonArc 2.6.16.