General discussion about Chef

[chef] Re: Re: How to keep from resetting user password


Chronological Thread 
  • From: " " < >
  • To:
  • Subject: [chef] Re: Re: How to keep from resetting user password
  • Date: Sat, 25 Sep 2010 12:09:21 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=RorCnu8uZ96+YOGHIwbgYz41ivBYnjPtKHXka1jQeewArtdHSPb6PbJBAjbxBnQQJ7 0fa0Hapz2WFJXU3soNlUKb+ofQqUEHSdHyPUCRxOlZ4bXOQDb+IU1ZRyy0xpbQGnubN0 J67djBQXgIH0Vglr8RQddTFM1USdAk7adAWxE=
I like it that way too :).
--sahil


On Sat, Sep 25, 2010 at 12:08 PM, Joshua Timberman < "> > wrote:
Is there a particular reason to have user passwords set?

I recommend not setting user passwords on the user definitions, only
allow login via ssh with keys, and set sudo up for users that need
root access with "NOPASSWD".

This is consistent with recommendations from security experts such as
SANS Institute, too :).

On Sat, Sep 25, 2010 at 12:47 PM,  < "> > wrote:
> I want to use chef to maintain users with a default password while allowing the
> user to change their password.  Each time I rerun chef-client, the user's
> password gets reset.  Is there a way I can keep it from resetting back to the
> default?  I'm thinking about only adding the password param if the entry isn't
> already in /etc/passwd but it seems like there should be an easier way?
>



--
Opscode, Inc
Joshua Timberman, Senior Solutions Engineer
C: 720.878.4322 E: ">


Archive powered by MHonArc 2.6.16.

§