Hi Jeff,Thanks for the responses so far..Your reply is along the line of what I'm trying to do.so my code would be:-clever = '{"id": "svc_goagent","password": {"encrypted_data": "ro21vM1nle78CTBLSNyr40e2tM9VZiiSfbinDAvwZpKov3r9gokq6jStDeAH\nsyRs\n","iv": "PfWTKqKoc3OxO8WxTnW7Zg==\n","version": 1,"cipher": "aes-256-cbc"}}'parsed = JSON.parse(clever)x = parsed["password"]new_pass = %x(openssl passwd -1 "#{x}")user 'svc_goagent' dosupports :manage_home => truecomment 'Go agent user'uid 2333gid 2000home '/home/svc_goagent'shell '/bin/bash'password {"#{new_pass}"}endIs that correct?Sent from iCloudMight even be able to have Ruby shell out to generate that:user 'foo' doaction :create…password { `openssl passwd -l 'plaintextpassword'` }endYou would want, I think, to not actually have the plain text password right there; I’d suggest perhaps using an encrypted data bag for the actual value there.Lastly though; why use passwords at all? Why not use SSH keys? Far simpler to manage…On March 4, 2015 at 8:27:33 AM, Fabien Delpierre ( " target="_blank"> ) wrote:
endpassword "$1$hLPHf35Y$.6m81pCpLfPHW/py5ee1Y."action :createuser "foo" doPut that in your code after password, like so:The correct method is to obtain the password's shadow hash and use that in your recipe.Hello,I've never seen this syntax so I'm not sure it's supported. It's definitely not in the docs for Chef's user resource at https://docs.chef.io/resource_user.html.$ openssl passwd -1 "plaintextpassword"
That will return something like: $1$hLPHf35Y$.6m81pCpLfHrW/py5ee1Y.
...Hope this helps.FabienOn Wed, Mar 4, 2015 at 7:36 AM, ANGELA EBIRIM < " target="_blank"> > wrote:Hello everyone,I'd appreciate some assistance.I'm trying to create a user on a UNIX box with the following code:-user "svc_goagent" doaction :createcomment "go agent"uid 1234gid 2000home "home/svc_goagent"shell "/bin/bash"password "{"encrypted_data"=>"ro21vM1nle78CTBLSNyr40e2tM9VZiiSfbinDAvwZpKov3r9gokq6jStDeAH\nsyRs\n", "iv"=>"PfWTKqKoc3OxO8WxTnW7Zg==\n", "version"=>1, "cipher"=>"aes-256-cbc"}"supports :manage_home => trueendMy problem is when I put this into a recipe and then do a chef run, I get errors that prevent the user from being created. Can someone please tell me what is the code to pass an encrypted hash as a password for a new user?ThanksAngelaSent from iCloud
Archive powered by MHonArc 2.6.16.