修改root密码
---
- name: Change root password on multiple hosts
hosts: all # 目标主机组
vars:
password_length: 16 # 密码长度(可以调整)
timestamp: "{{ ansible_date_time.date }}"
output_file: "/home/ansible/log/passwords.txt" # 生成以时间命名的文件路径
password_charset: "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_=+[]{}|;:,.<>?/~" # >密码字符集
tasks:
- name: Generate random password for root user
set_fact:
new_root_password: "{{ lookup('password', '/dev/null length=' + password_length|string + ' chars=' + password_charset ) }}"
- name: Set the root password
user:
name: root
password: "{{ new_root_password | password_hash('sha512') }}" # 使用 SHA-512 加密密码
register: result
- name: Save hostname and password to file
shell: "echo 'Hostname: {{ inventory_hostname }}, Password: {{ new_root_password }}' >> {{ output_file }}"
delegate_to: localhost
- name: Print the new root password (for verification)
debug:
msg: "New password for root on {{ inventory_hostname }} is {{ new_root_password }}"
when: result.changed