4

I create a random password with Ansible. 4 characters in length. 

- hosts: localhost
  vars:
    pwd_alias: "{{ lookup('password', '/dev/null length=4 chars=ascii_letters,digits,hexdigits,punctuation' ) }}"

  user: root
  tasks:
    - debug:
        msg: Sifre= {{pwd_alias}}

    - debug:
        msg: Sifre= {{pwd_alias}}

    - debug:
        msg: Sifre= {{pwd_alias}}

    - debug:
        msg: Sifre= {{pwd_alias}}

I want it to be password example. I want the output to look like this example.

TASK [debug] 
ok: [localhost] => {
    "msg": "Sifre= Z/bO"
}

TASK [debug] 
ok: [localhost] => {
    "msg": "Sifre= a_4G"
}

TASK [debug] 
ok: [localhost] => {
    "msg": "Sifre= 9a&0"
}

TASK [debug] 
ok: [localhost] => {
    "msg": "Sifre= d.2C"
}

  1. ascii_letters = 1

  2. hexdigits = 1

  3. digits = 1

  4. punctuation = 1

I want him to generate a random password like this. But what the system produces sometimes changes. Sometimes there are no digits, sometimes there is no punctuation. I want these 4 features to be absolutely.

 ansible version = 2.7.10

This is how the outputs are

TASK [debug] 
ok: [localhost] => {
    "msg": "Sifre= Z/bh"
}

TASK [debug] 
ok: [localhost] => {
    "msg": "Sifre= a_-G"
}

TASK [debug] 
ok: [localhost] => {
    "msg": "Sifre= 9ad0"
}

TASK [debug] 
ok: [localhost] => {
    "msg": "Sifre= d.aC"
}

How do I get each character? Thank you so much

Birol Emekli
  • 155
  • 3
  • 11

2 Answers2

1

This solution works, you need to generate each type chars separately then concatenate them :

- hosts: localhost
  vars:
    pwd_alias_digit1: "{{ lookup('password', '/dev/null length=1 chars=ascii_letters' ) }}"
    pwd_alias_digit2: "{{ lookup('password', '/dev/null length=1 chars=digits' ) }}"
    pwd_alias_digit3: "{{ lookup('password', '/dev/null length=1 chars=hexdigits' ) }}"
    pwd_alias_digit4: "{{ lookup('password', '/dev/null length=1 chars=punctuation' ) }}"
    pwd_alias: "{{ pwd_alias_digit1 + pwd_alias_digit2 + pwd_alias_digit3 + pwd_alias_digit4 }}"

  user: root
  tasks:
    - debug:
        msg: Sifre= {{pwd_alias}}

    - debug:
        msg: Sifre= {{pwd_alias}}

    - debug:
        msg: Sifre= {{pwd_alias}}

    - debug:
        msg: Sifre= {{pwd_alias}}

Another way is to create your own password lookup plugin : my_password. It's easier to create a new plugin and use it simple in a playbook. It's better and the playbook will remain readable.

Nelson G.
  • 5,145
  • 4
  • 43
  • 54
  • **Thank you so much.** @nelson-g But here the characters are side by side. I want mixed. Example: Let the length be 8. With this logic, this happens. ca #! 35GT But I don't want that to happen. I want it that way. c # 3g to! T5 It's ridiculous to do this by defining many variables. ``` pwd_alias: "{{lookup ('password', '/ dev / null length = 12 chars = ascii_letters, digits, hexdigits, punctuation')}}" ``` In this function I want to assign it randomly. – Birol Emekli Aug 07 '19 at 09:05
  • Create a `my_password` lookup plugin, I updated answer – Nelson G. Aug 07 '19 at 09:17
1

Generate the passwords in a separate file. Get random character from each set and create pwd_alias_list. Then shuffle and join the list.

$ cat generate-password-4.yml
- set_fact:
    pwd_alias_list: []
- set_fact:
    pwd_alias_list: "{{ pwd_alias_list + [
                        lookup('password', '/dev/null length=1 chars=' ~ item) ]
                        }}"
  loop:
    - ascii_letters
    - digits
    - hexdigits
    - punctuation
- set_fact:
    pwd_alias: "{{ pwd_alias_list|shuffle|join('') }}"

The tasks below

  tasks:
    - include_tasks: generate-password-4.yml
    - debug:
        var: pwd_alias
    - include_tasks: generate-password-4.yml
    - debug:
        var: pwd_alias
    - include_tasks: generate-password-4.yml
    - debug:
        var: pwd_alias
    - include_tasks: generate-password-4.yml
    - debug:
        var: pwd_alias

give

"pwd_alias": "ld(9"
"pwd_alias": "2R`9"
"pwd_alias": "O5(0"
"pwd_alias": "2>z5"

It's possible to make the generation of the password more flexible and create a list of the characters' sets my_char_specs and number of the repetitions my_repeat

$ cat generate-password.yml
- set_fact:
    pwd_alias_list: []
- set_fact:
    pwd_alias_list: "{{ pwd_alias_list + [
                        lookup('password', '/dev/null length=1 chars=' ~ item.0) ]
                        }}"
  with_nested:
    - "{{ my_char_specs }}"
    - "{{ range(0, my_repeat)|list }}"
- set_fact:
    pwd_alias: "{{ pwd_alias_list|shuffle|join('') }}"

The task below repeat the random choice from four sets four times

  vars:
    my_char_specs:
      - ascii_letters
      - digits
      - hexdigits
      - punctuation
    my_repeat: 4
  tasks:
    - include_tasks: generate-password.yml
    - debug:
        var: pwd_alias

and gives

"pwd_alias": "8=3[9BD(7?3bJ5y3"
Vladimir Botka
  • 58,131
  • 4
  • 32
  • 63
  • Thanks. @vladimir-botka This is a solution if length is 4 thanks. So how do I get it because the length is 12? Sample: **318)#:izf865** producing in this way. But I **6#f:83)5Z18** I expect it to be mixed in style. If; pwd_alias: "{{lookup ('password', '/ dev / null length = 12 chars = ascii_letters, digits, hexdigits, punctuation')}}" If I can make it mandatory with this line I will produce as I want. chars = ascii_letters: digits: hexdigits: punctuation chars = ascii_letters-digits-hexdigits-punctuation I tried this style, but I didn't succeed. – Birol Emekli Aug 07 '19 at 09:22
  • I've updated the answer. Fit the variables to your needs. – Vladimir Botka Aug 07 '19 at 09:47
  • Thank you so much. @vladimir-botka That was the solution. Respects – Birol Emekli Aug 07 '19 at 11:02