Ansible: User module and Password hashing - Blogs
X
29Jul

Ansible: User module and Password hashing

Ansible user module is used to create and manage the user access majorly in Unix servers. Below is an example of the ansible task in playbook shows usage of the ansible user module.

tasks:

- name: create new user

   user:

         name:           deployer

         password:  anspassword

         shell:            /bin/bash

 

But when we try to use this module in playbooks, writing plain password text inside file is unshackled, results in various security concerns. These passwords must be hashed to use with user module.

Password hashing:  It is method in which a variable length of plain password is taken as input and with cryptic mechanism creating fixed length of cryptic password.

Hashing is one-way road, revering the password into normal string is highly difficult, makes more secure. If we want to level up in security, we can use salt values which generate more secured hash passwords.

Methods of Password hashing: There are serval different ways we can hash the password but the below are the most common techniques used is MDA and SHA.

1)Password hashing using Python: Below command with random salt will prompt user to type  password and with using sha-512 algorithm gives cryptic password.

pyhton -c  ‘import crypt,getpass; print crypt.crypt(getpass.getpass( ))’

So, we can make use of hashed password in the playbook to use the user module in efficient way.

 

2)Openssl (With random salt value): Open ssl makes use of MD5 algorithm with random salt value generates the hashed password.

Command:

Openssl passwd  -1 -salt $(openssl rand -base64 6)  mypassword

 

Same as above, generated cryptic password can be used for user module in ansible for parallel execution of user id creation in n number of Unix servers.

Most of the Unix servers will follow the SHA 512 algorithm so it is advisable to follow the cryptic password which is generated with the Sha-512 algorithm. If you want to check what kind of algorithm the servers have, we can make use of below command.

 

Related

DevOpSmartBoard - Azure Pipelines

DevOpSmartBoard -The Ultimate End-To-End and One Stop Dashboard solution for all the reporting needs...

Read More >

VSTS on Mobile

.main{width:677px;float:left;font: 13px/1.5 'tahoma', verdana, arial, sans-serif;}#slider1 { height:...

Read More >

Quick Understanding on Stateful Sets in Kubernetes

Stateful sets are similar to deployments, they can scale up and scale down, they can perform rolling...

Read More >

Access Control in Swift 3

End of this blog you will be able to understand the Access control specifiers open, public,internal,...

Read More >

Selenium Locators

Selenium webdriver uses locators to find the web elements on web page. The following are the list of...

Read More >

Locking VMs and Resources Groups with Azure Resource Manager using Azure PowerShell

Hello Folks!In this blog post we will be talking about locking down your Azure Resources with Azure ...

Read More >

Understanding how to create and Install Windows Services in C#.Net

Windows Service in C#:This article is about how to create a Windows Service in C# .net using Visual ...

Read More >

CxO Roundtable at C-SOaP- SUMMIT 2013

   img{ display:block; } #outlook a{ padding:0; } body{ width:100% !importa...

Read More >

Services and Blue-Green Deployment Strategy

In this article, we’ll briefly focus on services and blue-green deployment strategy.What is a servi...

Read More >

Share

Try DevOpSmartBoard Ultimate complete Azure DevOps End-to end reporting tool

Sign Up

  • Recent
  • Popular
  • Tag
Tags
Monthly Archive
Subscribe
Name

Text/HTML
Contact Us
  • *
  • *