2

I'm provisioning an Ubuntu 14.04 server with Digital Ocean and am using Cloud-Config in the user data field to do some initial setup. The issue I am having is creating a new user and setting a password with a SHA-512 hashed password string. Upon creation of the server, this new password does not work. When examining the /etc/shadow file, I find that the hashed password has been copied over with an erroneous ! at the start of the hash. Example line from /etc/shadow/ is as follows:

jerry:!$6$rHazYJBiLiJ2$yZei93AcU9JlauoBV338kVMAOBk0b83iYtxw2/seXfTVuW0e6qtP4sL.ip9JVdnT3HbZ4620ql66WaEANJkg61:16855:0:99999:7:::

Upon removing the ! immediately after jerry:, the password works as expected.

Does anyone have any idea why this could be happening?

Improve this question

1 Answer 1

Reset to default
1

After a bit more research into the intricacies of Cloud-Config, I've found the issue. By default, the value of lock-passwd is set to True. This is what is causing the ! to be added before the hashed password in /etc/shadow. Explicitly setting lock-passwd to False allows everything to sail along smoothly!

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.