From 3b4f3f8ca33e8c470123c1681fde69158a67d2e1 Mon Sep 17 00:00:00 2001 From: Joshua Lund Date: Tue, 7 Jan 2014 18:20:39 -0700 Subject: [PATCH] Improved the documentation for password generation --- docsite/rst/faq.rst | 14 ++++++++++++-- library/system/user | 4 ++-- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/docsite/rst/faq.rst b/docsite/rst/faq.rst index 2634195a87..1cdabd9148 100644 --- a/docsite/rst/faq.rst +++ b/docsite/rst/faq.rst @@ -215,9 +215,19 @@ Ansible 1.4 will also make remote environment variables available via facts in t How do I generate crypted passwords for the user module? ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -Crypted password values can be generated as follows:: +The mkpasswd utility that is available on most Linux systems is a great option:: - openssl passwd -salt -1 + mkpasswd --method=SHA-512 + +If this utility is not installed on your system (e.g. you are using OS X) then you can still easily +generate these passwords using Python. First, ensure that the `Passlib <https://code.google.com/p/passlib/>`_ +password hashing library is installed. + + pip install passlib + +Once the library is ready, SHA512 password values can then be generated as follows:: + + python -c "from passlib.hash import sha512_crypt; print sha512_crypt.encrypt('<password>')" .. _commercial_support: diff --git a/library/system/user b/library/system/user index 48bcf75171..aa32393bd9 100644 --- a/library/system/user +++ b/library/system/user @@ -77,8 +77,8 @@ options: description: - Optionally set the user's password to this crypted value. See the user example in the github examples directory for what this looks - like in a playbook. - - Passwords values can be generated with "openssl passwd -salt <salt> -1 <plaintext>" + like in a playbook. The `FAQ <http://docs.ansible.com/faq.html#how-do-i-generate-crypted-passwords-for-the-user-module>`_ + contains details on various ways to generate these password values. state: required: false default: "present"