I had an issue where "puppet module install" worked, but "puppet-code deploy"
would not pull in Forge modules.
Between the Slack channel and opening a ticket, I got information and a
workaround:
Unfortunately, PE 2019.2.0 and 2019.2.1 have a regression in r10k proxy
handling that we just
Of course this is not idempotent. Mmm, security is difficult.
-Original message-
From: Bart-Jan Vrielink
Sent: Friday 15th November 2019 16:18
To: puppet-users@googlegroups.com
Subject: RE: [Puppet Users] Managing a local users password with puppet on EL7
Hello,
Glad to hear that
Hello,
Glad to hear that you got it to work.
Before you put this into production, please make sure you don't re-use the same
salt value. Try to randomize it. Something like
seeded_rand_string(16,strftime("%s%L")) may work.
-Original message-
From: jmp242
Sent: Friday 15th
I figured it out. Thanks for the help. It's because I wasn't doing I
password => pw_hash(*'password'*, 'SHA-512', 'mysalt'),
I was doing
Sensitive(pw_hash(*'$password'*, 'SHA-512', 'oursalt')),
And because I used single quotes, it wasn't actually getting the parameter
/ variable,
Hello,
I'm still puzzled by why this is not working on your system. The following
works for me on a Centos7 machine:
user { 'testuser':
ensure => 'present',
password => pw_hash('password', 'SHA-512', 'mysalt'),
}
-Original message-
From: jmp242
Sent:
So, I set the password manually with passwd and got an entirely different
hash than when I use the pw_hash function. The salt is obviously different
as well, but the rest of /etc/shadow entry is the same. ssh user@localhost
works with the password when I set manually with passwd, and does not
Hello,
I doubt str2saltedsha512 can be used to generate encrypted passwords, as the
resulting string does not contain the id nor salt.
pw_hash should work, although in the brief test I just did, it looks like a
lower case 'sha-512' should be used.
I think you should debug this issue a
