topic Re: Linux password help needed in Operating System - Linux

Linux password help needed

Debbie Fleith — Wed, 04 May 2005 13:08:22 GMT

I'm running RH Linux and will be using useradd to create hundreds of user accounts. 3 questions:
1. If I plan to run chage to force the user to change the password at next login, do I have to set an initial password?
2. Is there some way to script the password command and pass it a generic value (to assign an initial password which I will then expire?)
3. Is there anyway to change a user password without being root? i.e. I have several non-human user accounts that I want a temp to set the passwords for and but don't want to give the temp root priviledges.

Re: Linux password help needed

RAC_1 — Wed, 04 May 2005 14:03:21 GMT

1. Why use chage??, you can use passwd -f "user_name", IF you have manu users to do this, you can put a script for it.
2. man chpasswd (It read a file containing usernames and passwords and sets it)
3. Yes. Use sudo.

Anil

Re: Linux password help needed

Debbie Fleith — Wed, 04 May 2005 14:52:01 GMT

passwd -f does not exist under Red Hat linux

Re: Linux password help needed

Steven E. Protter — Wed, 04 May 2005 16:58:45 GMT

passwd -f does exist on Red HatLinux, I just checked the man page.

NAME
passwd - update a userÃ¢s authentication tokens(s)

SYNOPSIS
passwd [-k] [-l] [-u [-f]] [-d] [-n mindays] [-x maxdays] [-w warn-
days] [-i inactivedays] [-S] [--stdin] [username]

Its not apparent from the man page what the functionality is but thats typical of a linux man page. hpux man pages are much better.

For your specific issue, look at -n mindays -x maxdays -w warndays and -i inactivedays as possible solutions.

SE

Re: Linux password help needed

Gopi Sekar — Thu, 05 May 2005 00:58:57 GMT

depending on which version of linux you use the passwd program has different options. i checked on my SUSE server and it has -e option which does exactly what you are asking for.

-e The user will be forced to change the password at next login.

if your passwd does not have this functionality then try the combination of -n and -x

Hope this helps,
Gopi

Re: Linux password help needed

Alexander Chuzhoy — Thu, 05 May 2005 03:11:20 GMT

1. Without password the user won't be able to login.

2.yes there is a way to script passwd:

#!/bin/bash
for i in [ 1 2 3 4 5 ]
do
useradd user$i
echo user$i |passwd --stdin user$i
done

This script will add 5 users and give each it's username as password.
Password of user1 will be user1

3.read man of sudo command.

Re: Linux password help needed

Debbie Fleith — Thu, 05 May 2005 09:18:33 GMT

I'm running RedHat Enterprise ES 3.0 and there is definitely no option to the passwd command that will force a user to login at next login.

Re: Linux password help needed

Robert Morrison_2 — Thu, 26 May 2005 13:04:59 GMT

Steven Protter: if you look carefully at the man page that you quote, you will see that -f is a sub-flag of the -u flag.

It's not helpful to claim "Its not apparent from the man page what the functionality is but thats typical of a linux man page." - especially as you are mistaken.

There is no "passwd -f" on Red Hat Linux.

using the command:

chage -d 0 username

should expire the password and should be scriptable.

Re: Linux password help needed

Steven E. Protter — Fri, 27 May 2005 00:07:26 GMT

1. If I plan to run chage to force the user to change the password at next login, do I have to set an initial password?

How is the user going to know what the initial password if its not set.

The diaglog is the same for all users. You gotta log on before you can be forced to change your password. Therefore you need to set an intiial value.

2. Is there some way to script the password command and pass it a generic value (to assign an initial password which I will then expire?)

You can script the password set.

passwd username < file

in the file

newpassword
newpassword

root runs it so nobody needs to set the initial password.

alternate script text:

passwd username << EOF
newpassword
newpassword
EOF

3. Is there anyway to change a user password without being root? i.e. I have several non-human user accounts that I want a temp to set the passwords for and but don't want to give the temp root priviledges.

Use root to set the temp password. sudo can give non-root users certain priviledges. I don't totally understand request 3.

SEP

Re: Linux password help needed

Stuart Browne — Fri, 27 May 2005 00:15:22 GMT

I think for No. 3, he wants something like a web interface that says "Reset password" .

And the 'sudo' answer is the good one.

Re: Linux password help needed

Steven E. Protter — Fri, 27 May 2005 09:58:36 GMT

If Stuart is correct concerning item 3, there may be an answer.

webmin.

webmin is a web based, gui interface that lets you create users and such.

It appears, based on the screen shot that you can create a limited administrative user with it that can handle functions such as password reset.

This thread and a customer call have forced me to look further into this concept. I am reading the documentation at this time. Its already installed on my web servers and I'm learning how to use it and will hopefully have more details soon.

SEP

Re: Linux password help needed

Steven E. Protter — Fri, 27 May 2005 13:02:24 GMT

Webmin can certainly handle item 3.

At this point I've got webmin/usermin working on Red Hat ES 4.

Right now, my configuration lets the user change any password, which is unacceptable in my security cirumstances.

I'm working on giving this user access only to users at his location. Then comes the step by step guide.

Because I need it for myself it should not be long.

SEP