Packer is a fantastic tool that allows to automate a proccess of building machine images. I’ve been using Packer for many months at work and in my home lab. Majority of images I create (AMI, VM, vBox, Docker) is based on CentOS 7.x. The process of unattended installation require a kickstart file. One of the most important parameters defined in the kickstart file is root’s password.
The password can be set with the following command:
The problem with this setup is that anyone can see the password as it is in plain text. Much better approach is to hash root’s password using the following command:
The question is how to generate the password hash? My choice is to use sha512 and Python:
where 16_CHARACTER_SALT is a random string, for example: