29Jul
Ansible: User module and Password hashing
Ansible user module is used to create and manage the user access majorly in Unix servers. Below is an example of the ansible task in playbook shows usage of the ansible user module.
tasks:
- name: create new user
user:
name: deployer
password: anspassword
shell: /bin/bash
But when we try to use this module in playbooks, writing plain password text inside file is unshackled, results in various security concerns. These passwords must be hashed to use with user module.
Password hashing: It is method in which a variable length of plain password is taken as input and with cryptic mechanism creating fixed length of cryptic password.
Hashing is one-way road, revering the password into normal string is highly difficult, makes more secure. If we want to level up in security, we can use salt values which generate more secured hash passwords.
Methods of Password hashing: There are serval different ways we can hash the password but the below are the most common techniques used is MDA and SHA.
1)Password hashing using Python: Below command with random salt will prompt user to type password and with using sha-512 algorithm gives cryptic password.
pyhton -c ‘import crypt,getpass; print crypt.crypt(getpass.getpass( ))’

So, we can make use of hashed password in the playbook to use the user module in efficient way.
2)Openssl (With random salt value): Open ssl makes use of MD5 algorithm with random salt value generates the hashed password.
Command:
Openssl passwd -1 -salt $(openssl rand -base64 6) mypassword

Same as above, generated cryptic password can be used for user module in ansible for parallel execution of user id creation in n number of Unix servers.
Most of the Unix servers will follow the SHA 512 algorithm so it is advisable to follow the cryptic password which is generated with the Sha-512 algorithm. If you want to check what kind of algorithm the servers have, we can make use of below command.

Related
At our experienced and highly qualified developers and QA Engineers follow stringent quality standar...
Read More >
Date : 28th Jan 2016 | Day : Thursday | Time : 03:30 PM IST | Duration : 1 HourREGISTER yourse...
Read More >
In this blog, I would like to explain about PIVOT and UNPIVOT operator in SQL Server. The PIVOT oper...
Read More >
I think I got late with this post, but I was unaware that most of us still don’t know how to c...
Read More >
This is the final part of the Bugzilla to TFS Migrator blog series covering the actual steps of migr...
Read More >
Sonar Integration with JAVA.1.Download sonar-3.7 and sonar-runner-2.3*** unzip folders and cop...
Read More >
User Tasks is a one of the new feature added in Microsoft Dynamics NAV 2018.In this you can create t...
Read More >
In GitHub we have services that integrate with GitHub which can help you do anything from enabling c...
Read More >
In the previous blog we would have seen what GitHub is, who started this project and how it evolved ...
Read More >
Share