ReleaseEngineering/How To/Reset a Password with Puppet: Difference between revisions
< ReleaseEngineering | How To
Jump to navigation
Jump to search
mNo edit summary |
No edit summary |
||
| Line 5: | Line 5: | ||
openssl passwd -1 | openssl passwd -1 | ||
# now type the password and confirmation | # now type the password and confirmation | ||
Now, copy and paste that password hash into /etc/puppet/manifests/secrets.pp as the 'password' for the cltbld user. Do this on all active puppet masters. '''do not check this change in!''' | |||
Now, copy and paste that password hash into /etc/puppet/manifests/secrets.pp as the 'password' for the cltbld user (/etc/puppet/production/manifests/extlookup on puppetagain masters). Do this on all active puppet masters. '''do not check this change in!''' | |||
Both the root and cltbld passwords can be updated this way. | Both the root and cltbld passwords can be updated this way. | ||
Revision as of 16:17, 5 March 2013
User passwords are stored in a hashed format alongside other user information. We do not put the hashes in a public location for hopefully obvious reasons - please make sure you don't do this by accident.
Let's say you want to update cltbld's password. First, you need to generate the new hash. You can do that by running the following:
openssl passwd -1 # now type the password and confirmation
Now, copy and paste that password hash into /etc/puppet/manifests/secrets.pp as the 'password' for the cltbld user (/etc/puppet/production/manifests/extlookup on puppetagain masters). Do this on all active puppet masters. do not check this change in!
Both the root and cltbld passwords can be updated this way.