Reputation: 10183
Allow user to set password after creating account using Ansible
I have the following playbook which I am using to create a new user on an Ubuntu 16.04 host:
---
- hosts: all
become: yes
become_method: sudo
tasks:
- name: Create user guybrush
user: name=guybrush comment="Guybrush Threepwood" shell=/bin/bash groups=pirates append=yes
- name: Copy SSH key for guybrush
authorized_key: user=guybrush key={{ lookup("file", "/home/guybrush/.ssh/id_rsa.pub") }}
However when I log in as the new user and try to se my password using passwd I get asked for my (current) UNIX password. Given that no password has been set for user I'm not sure why I am asked for it.
How can I fix my playbook so that newly created users can easily set their passwords after logging in the first time?
Upvotes: 2
Views: 3945
Answers (1)
Reputation: 68229
You can set password to empty line, so passwd will not ask for old password.
You also can set it as expired to force user to change password on first login.
- user: name=jsmith password=""
- authorized_key: user=jsmith key={{ lookup("file", "/somepath/id_rsa.pub") }}
- command: chage -d 0 jsmith
If there are security concerns with empty password, you can set it to some random predefined one and play with welcome ssh message to display it on first login.
Upvotes: 3
Related Questions
- Creating a new user and password with Ansible
- Ansible become_user asks for password even though it is configured passwordless
- Create user with option --disabled-password by Ansible
- Setting password idempotently for linux user in ansible
- Adding users in ansible and enforcing password change, resets user's password when adding new user
- How do I create a user and set a password using ansible?
- How pass password with Ansible?
- Can't assign password to user with ansible user module
- ansible created password for a user does not work for ssh sessions
- Ansible: How to set password for a user? Having trouble encrypting the password