cloudbase / cloudbase-init

Cross-platform instance initialization
http://openstack.org
Apache License 2.0

VMware GuestInfo Service - encrypted password extraction #88

Open rdavisunr opened 2 years ago

rdavisunr commented 2 years ago

Hello,

Using the VMware GuestInfo Service with CreateUserPlugin and SetUserSSHPublicKeysPlugin...

Based on the docs, setting the "admin-username" and "public-keys-data" keys should result in a random password set for a new user (or, updated for an existing user like Administrator).

I am trying to discern how to get access to the encrypted password. The docs for SetUserPasswordPlugin seem to imply an answer: "...otherwise a random password will be generated, encrypted with the user’s SSH public key and posted to the metadata provider"

However, does this work for the VMware GuestInfo Service? For example, does the CreateUserPlugin post this value back to the "admin-password" key in the guestinfo.metadata? Or, to some other key?

At the end of the day, I am trying to avoid a clear text password in the metadata. So, I'd either like to extract a random, encrypted password or inject a known password that is encrypted.

For further context, I am using Terraform to facilitate this process. So, ideally, I'd like to somehow get access to this encrypted password via Terraform. Although, I don't see an obvious way to do that either.

Thanks very much for your time,

rdavisunr commented 2 years ago

@rgl - I have been experimenting with some of the examples from your repo. Was wondering if you ran into this same situation described above?

rgl commented 2 years ago

@rdavisunr, sorry, but I never tried to do that, so I have no clue.

rdavisunr commented 2 years ago

@rgl thanks for the response!

For now, I am OK injecting a known password. However, I was definitely hoping to retrieve the random encrypted password.

Seems like cloudbase-init has the capability, but maybe only with the OpenStack (web API) Service and not the VMware GuestInfo service.

jaymzmac commented 2 years ago

cc @jaymzmac