Ansible: User module and Password hashing - Blogs
X
29Jul

Ansible: User module and Password hashing

Ansible user module is used to create and manage the user access majorly in Unix servers. Below is an example of the ansible task in playbook shows usage of the ansible user module.

tasks:

- name: create new user

   user:

         name:           deployer

         password:  anspassword

         shell:            /bin/bash

 

But when we try to use this module in playbooks, writing plain password text inside file is unshackled, results in various security concerns. These passwords must be hashed to use with user module.

Password hashing:  It is method in which a variable length of plain password is taken as input and with cryptic mechanism creating fixed length of cryptic password.

Hashing is one-way road, revering the password into normal string is highly difficult, makes more secure. If we want to level up in security, we can use salt values which generate more secured hash passwords.

Methods of Password hashing: There are serval different ways we can hash the password but the below are the most common techniques used is MDA and SHA.

1)Password hashing using Python: Below command with random salt will prompt user to type  password and with using sha-512 algorithm gives cryptic password.

pyhton -c  ‘import crypt,getpass; print crypt.crypt(getpass.getpass( ))’

So, we can make use of hashed password in the playbook to use the user module in efficient way.

 

2)Openssl (With random salt value): Open ssl makes use of MD5 algorithm with random salt value generates the hashed password.

Command:

Openssl passwd  -1 -salt $(openssl rand -base64 6)  mypassword

 

Same as above, generated cryptic password can be used for user module in ansible for parallel execution of user id creation in n number of Unix servers.

Most of the Unix servers will follow the SHA 512 algorithm so it is advisable to follow the cryptic password which is generated with the Sha-512 algorithm. If you want to check what kind of algorithm the servers have, we can make use of below command.

 

Related

Web API 2 With Repository pattern

Web API 2 With Repository patternHow to create Repository pattern in web API 2.Overview of Repositor...

Read More >

Performing Sonar Analysis for .NET projects

 Sonar Integration with TFS build for .net projectsThis document provides details about TFS and...

Read More >

Microsoft VSTS Consulting

At a time when businesses are attempting to attain the highest possible degree of standardization an...

Read More >

Using XMPP and Openfire server in ASP.NET C# - Part -1

Extensible Messaging and Presence Protocol (XMPP)The Extensible Messaging and Presence Protocol (XMP...

Read More >

Handling Radio buttons and Checkboxes using Selenium Webdriver

The main difference between Radio button and Checkbox is that, using radio button we will be able to...

Read More >

End to End Testing Using Visual Studio 2010. (Power of Visual Studio-Ultimate for Testing. )

Scenario:Usage of Manual Test case(MTM) to perform the Load Test using Visual Studio 2010.We call it...

Read More >

Why move to VSTS?

Using many features of VSTS allow you to get started quickly and even make it easier to build, ...

Read More >

Webinar - Streamline Software Development Using Microsoft ALM

Please watch the LIVE RECORDING Video of the webinar session below which took place on 3rd...

Read More >

Implementing Azure DevSecOps with Microsoft Credential Scanner

Let’s look at CredScan which is a Microsoft Code Analysis extension and it is abbreviated as MSCA i...

Read More >

Microsoft Azure : Running JAVA Web Application using template

We will create Java web app in Azure App Service by using the Azure portal. The Azure...

Read More >

Share

Try DevOpSmartBoard Ultimate complete Azure DevOps End-to end reporting tool

Sign Up

  • Recent
  • Popular
  • Tag
Monthly Archive
Subscribe
Name

Text/HTML
Contact Us
  • *
  • *