How to Change a User Password with Ansible
How to write an Ansible Playbook to assign the password "password" to an "example" user account in a Linux system with SHA512 encryption.
How to Change a User Password with Ansible
Welcome to another episode of Ansible Pilot! I’m Luca Berton, and in today’s session, we’ll explore how to change a user password using Ansible. The Ansible module we’ll be focusing on is ansible.builtin.user
, a stable and well-established module that comes bundled with Ansible. It’s designed to manage user accounts on various Linux distributions, SunOS, macOS, and FreeBSD.
Understanding the Ansible user
Module
The ansible.builtin.user
module falls under the “builtin” collection of Ansible modules, indicating its integral nature within the Ansible framework. This module has been around for years and proves reliable in handling user accounts across a wide range of operating systems. For Windows environments, the equivalent module is ansible.windows.win_user
.
Key Parameters
The user
module offers a plethora of parameters to cater to various user management tasks. Here are some key parameters:
name
(string): Specifies the username.state
(string): Indicates whether the user should be present or absent.password
(string): For Linux, the password must be encrypted; for macOS, it can be in cleartext.
The only mandatory parameter is “name” since it denotes the username. The “state” parameter is crucial and should be set to “present” when changing the password, as it ensures the account exists. The most significant parameter is “password,” allowing you to set the new password. For macOS, the password is in cleartext, while for Linux, it must be encrypted. The password_hash
filter can be used to generate an encrypted password. Optionally, you can specify the encryption algorithm and salt to enhance password security.
The Best Resources For Ansible
Certifications
- Coursera Pro - Unlimited access to 7,000+ world-class courses, hands-on projects, and job-ready certificate programs—all included in your subscription
Video Course
Printed Book
-
Ansible For VMware by Examples
-
Ansible for Kubernetes by Example
-
Hands-on Ansible Automation
-
Red Hat Ansible Automation Platform
eBooks
- Ansible by Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps
- Ansible Cookbook: A Comprehensive Guide to Unleashing the Power of Ansible via Best Practices, Troubleshooting, and Linting Rules with Luca Berton
- Terraform By Example: A Practical Approach for Beginners to Learn Cloud Infrastructure with Terraform
- Ansible For Windows By Examples: 50+ Automation Examples For Windows System Administrator And DevOps
- Ansible For Linux by Examples: 100+ Automation Examples For Linux System Administrator and DevOps
- Ansible Linux Filesystem By Examples: 40+ Automation Examples on Linux File and Directory Operation for Modern IT Infrastructure
- Ansible For Security by Examples: 100+ Automation Examples to Automate Security and Verify Compliance for IT Modern Infrastructure
- Ansible Tips and Tricks: 10+ Ansible Examples to Save Time and Automate More Tasks
- Ansible Linux Users & Groups By Examples: 20+ Automation Examples on Linux Users and Groups Operation for Modern IT Infrastructure
- Ansible For PostgreSQL by Examples: 10+ Examples To Automate Your PostgreSQL database
- Ansible For Amazon Web Services AWS By Examples: 10+ Examples To Automate Your AWS Modern Infrastructure
- Ansible Automation Platform By Example: A step-by-step guide for the most common user scenarios
Live Demo: Changing a User Password in Linux
Let’s dive into a practical Ansible playbook to demonstrate changing a user account password in a Linux environment.
Ansible Playbook Code
change_password.yml
---
- name: user module demo
hosts: all
become: true
vars:
myuser: "example"
mypassword: "password"
tasks:
- name: change password
ansible.builtin.user:
name: "{{ myuser }}"
state: present
password: "{{ mypassword | password_hash('sha512') }}"
Playbook Execution Output
$ ansible-playbook -i demo/inventory change\ user\ password/user.yaml
PLAY [user module demo] ***************************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [demo.example.com]
TASK [change password] ****************************************************************************
changed: [demo.example.com]
PLAY RECAP ****************************************************************************************
demo.example.com : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
The Best Resources For Ansible
Certifications
- Coursera Pro - Unlimited access to 7,000+ world-class courses, hands-on projects, and job-ready certificate programs—all included in your subscription
Video Course
Printed Book
-
Ansible For VMware by Examples
-
Ansible for Kubernetes by Example
-
Hands-on Ansible Automation
-
Red Hat Ansible Automation Platform
eBooks
- Ansible by Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps
- Ansible Cookbook: A Comprehensive Guide to Unleashing the Power of Ansible via Best Practices, Troubleshooting, and Linting Rules with Luca Berton
- Terraform By Example: A Practical Approach for Beginners to Learn Cloud Infrastructure with Terraform
- Ansible For Windows By Examples: 50+ Automation Examples For Windows System Administrator And DevOps
- Ansible For Linux by Examples: 100+ Automation Examples For Linux System Administrator and DevOps
- Ansible Linux Filesystem By Examples: 40+ Automation Examples on Linux File and Directory Operation for Modern IT Infrastructure
- Ansible For Security by Examples: 100+ Automation Examples to Automate Security and Verify Compliance for IT Modern Infrastructure
- Ansible Tips and Tricks: 10+ Ansible Examples to Save Time and Automate More Tasks
- Ansible Linux Users & Groups By Examples: 20+ Automation Examples on Linux Users and Groups Operation for Modern IT Infrastructure
- Ansible For PostgreSQL by Examples: 10+ Examples To Automate Your PostgreSQL database
- Ansible For Amazon Web Services AWS By Examples: 10+ Examples To Automate Your AWS Modern Infrastructure
- Ansible Automation Platform By Example: A step-by-step guide for the most common user scenarios
Verification
$ sshpass -p 'password' [email protected]
Note: Ensure that the sshpass
utility is installed on the system.
Recap
Congratulations! You’ve successfully learned how to change a user password using Ansible. The ansible.builtin.user
module provides a robust and versatile solution for managing user accounts. Feel free to customize the playbook to suit your environment and security requirements. Happy automating!
Academy
Learn the Ansible automation technology with some real-life examples in my
My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps
Donate
Want to keep this project going? Please donate