topic Re: Script for password in Operating System - Linux

Script for password

Venkat_33 — Tue, 04 Jul 2006 07:23:19 GMT

I have 5 servers which are ll i want to change the password through script.

Pls help me how to do

Re: Script for password

Andrey Tumanov — Tue, 04 Jul 2006 07:26:14 GMT

A script to change a password on a server, or a script to change the password on 5 servers at once?

Do you have trusted system?

Andrey

Re: Script for password

RAC_1 — Tue, 04 Jul 2006 07:32:56 GMT

There are many ways to do it.

1. some expect scripting.
2. directly pasting the encrypted password in password feild - not good though
3. If you have centralised password management.
3. You can use following command to do that.

/usr/sam/lbin/usermod.sam -p "$(echo "1234abcdxy" | /usr/lbin/makekey)" "user_name"

The password will be set as 1234abcd. The password has to be of 8 chars and xy is salt chars used.

Re: Script for password

Venkat_33 — Tue, 04 Jul 2006 08:56:05 GMT

a script to change the password on 5 servers at once?

i wont like to use SAM because we had 5 servers ( inlcuding aix and linux box)

Re: Script for password

Peter Nikitka — Tue, 04 Jul 2006 10:03:46 GMT

Hi,

creating a NIS domain for five servers seems not unreasonable to me.
I guess searching for 'NIS setup' in this forum will get some matches ...

mfG Peter

Re: Script for password

Venkat_33 — Tue, 04 Jul 2006 10:22:22 GMT

i dont have NIS i want a simple script to change password for 5 system which have sameuser account.
Please help

Re: Script for password

Sandman! — Tue, 04 Jul 2006 10:54:35 GMT

In that case expect would be the tool of choice for automating the password changes across all the servers that have the same user account(s).

Expect is freeware and it'll run on Unix/Linux systems and can be downloaded from here...http://expect.nist.gov/

~cheers

Re: Script for password

Venkat_33 — Wed, 05 Jul 2006 00:54:05 GMT

i need script bcause i am new in linux so pls help

Re: Script for password

Frank de Vries — Wed, 05 Jul 2006 01:37:42 GMT

Hi Mr Venkat

Doesn't seem to complicated to me.

If you just keep it simple for a moment,
disregard security and forget it is a productive system one scenario would be
something like this:

#!/sbin/bash
for host in node1, node2, Node3, Node4,Node5
do
function logon
{
trap INT
echo root
sleep 1
echo $PASSIN
sleep 2
echo ls
stty echo

echo exit
}

logon | telnet $1

done

Naturally there are many other
ways to achieve the same result.

You could first compare if the entry already
exists in the passwd file and script that and
schedule it in background.
I presume you have enough scripting knowledge to script the interface (if
you need one)

What security is concerned you could
tie it down a bit, by creating a dedicated account on each Node for this household task only. With only access to the passwd cmd.
(But I would protect and except root from
this altogether, thus only the superuser can
change the superuser passwd). But this account could change user accounts only.
That way you can monitor the accounts and
determine permissions and keep security
pretty good.

Anyway, just some idea's, sure it can be
improved upon ...