6/5/2017 - 7:23 PM

set-sudo-password.md

Rendered
Source

How to set sudo password of VM deployed with BOSH v2

BOSH uses crypt(3) to encrypt sudo passwords. You can find an example of how it is done in sha512_hashed_password function.

This function is called in a case when you didn't set password in vm_type section (using env.bosh.password) of Cloud Config and set director.generate_vm_passwords property.

gem install 'unix-crypt'
PASS=c1oudc0w
ruby -e "require 'unix_crypt'; require 'securerandom'; salt = SecureRandom.hex(8); puts UnixCrypt::SHA512.build('$PASS', salt);"

The password is set by bosh agent using usermod command.

You can specify env.bosh.password in you instance group declaration like this:

instance_groups:
- name: es-master
  instances: 2
  jobs:
  - name: elasticsearch
  ...
  env:
    bosh:
      password: '$6$b97b279f9ad318be$.kftfBjE4Evk8P8pVCTxPl6.s7IEnUA661AwxVHJeilJEthfJU5v/w.ce0pCzndo/.rchRxGRpu.4xD2Bxjwr0'

The same is relevant for compilation section in Cloud Config:

compilation:
  az: z1
  network: default
  vm_type: m3.large
  workers: 2
  reuse_compilation_vms: true
  env:
    bosh:
      password: '$6$b97b279f9ad318be$.kftfBjE4Evk8P8pVCTxPl6.s7IEnUA661AwxVHJeilJEthfJU5v/w.ce0pCzndo/.rchRxGRpu.4xD2Bxjwr0'

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

set-sudo-password.md

How to set sudo password of VM deployed with BOSH v2