salt.modules.bsd_shadow¶
Manage the password database on BSD systems
-
salt.modules.bsd_shadow.
default_hash
()¶ Returns the default hash used for unset passwords
CLI Example:
salt '*' shadow.default_hash
-
salt.modules.bsd_shadow.
info
(name)¶ Return information for the specified user
CLI Example:
salt '*' shadow.info someuser
-
salt.modules.bsd_shadow.
set_password
(name, password)¶ Set the password for a named user. The password must be a properly defined hash. The password hash can be generated with this command:
python -c "import crypt; print crypt.crypt('password', ciphersalt)"
NOTE: When constructing the
ciphersalt
string, you must escape any dollar signs, to avoid them being interpolated by the shell.'password'
is, of course, the password for which you want to generate a hash.ciphersalt
is a combination of a cipher identifier, an optional number of rounds, and the cryptographic salt. The arrangement and format of these fields depends on the cipher and which flavor of BSD you are using. For more information on this, see the manpage forcrpyt(3)
. On NetBSD, additional information is available inpasswd.conf(5)
.It is important to make sure that a supported cipher is used.
CLI Example:
salt '*' shadow.set_password someuser '$1$UYCIxa628.9qXjpQCjM4a..'