3

I am creating admin user account by prompting for user input through Ansible. This admin account

vars_prompt:
  - name: "Username"
    prompt:  "Enter the administrator username"
    private: no

  - name: "Password"
    prompt: "Enter the administrator password.Password must contain at least 8 total printable ASCII character(s)."
    private: yes

  - name: "Confirm_Password"
    prompt: Confirm Password
    private: yes

I want to check if the password length is greater or equal to 8 and it contains only ASCII chars.

I tried something like this:

- name : Password matches the splunk condition
  assert:
    that:
      - Password | length >= 8 and chars=ascii_letters
    success_msg: "Passed."
    fail_msg: "New password is too short!"
    quiet: true
  tags: password_check

But it isn't working.

β.εηοιτ.βε
  • 33,893
  • 13
  • 69
  • 83
NVP
  • 103
  • 6
  • Why restrict a password to only contain ASCII letters? It seems like a bad practice that seriously decreases security. – Alejandro Apr 28 '22 at 19:16
  • 1
    "This isnt working." In what way? Are you getting an error message, or incorrect results? Where are you setting the `chars` variable? – larsks Apr 28 '22 at 19:30
  • something raw `echo 123456み8| perl -ne 'if(/^[[:ascii:]]{8}$/){print "good";exit 0}else{print "bad";exit 1}'` , notice the input supplied to `echo` here. The return value of this command may be used for assertion. – P.... Apr 28 '22 at 20:00
  • 1
    Creating admin account for UF installation has password policy : Password must contain at least 8 total printable ASCII character(s). This is why I was trying to limit to only ASCII chars – NVP Apr 29 '22 at 04:54

1 Answers1

2

Q: "Test if password length is greater or equal to 8 and it contains only ASCII chars."

A: The limitation to all ASCII characters is not practical. The regex below limits the string to 8 or more printable ASCII characters. See Regex for all PRINTABLE characters

    - assert:
        that: Password is match('^[ -~]{8,}$')
        fail_msg: "Password: {{ Password }} does not comply!"
        quiet: true
Vladimir Botka
  • 58,131
  • 4
  • 32
  • 63