HPE Community
Operating System - HP-UX
1752729 Members
6203 Online
108789 Solutions
New Discussion юеВ

Re: changing passwd on remote machines using script

 
SOLVED
Go to solution
jagdeesh
Frequent Advisor

тАО05-22-2004 12:11 AM

тАО05-22-2004 12:11 AM

changing passwd on remote machines using script

Hi,
I have 180 Machines running hpux11i. I have to change the passwd for a particular user in all the systems. I can use remote shell and i want to run a script from one server for this purpose. Can any one help me how can i achieve this?

Thanks in advance.
...
0 Kudos
Reply
7 REPLIES 7
John Poff
Honored Contributor

тАО05-22-2004 12:27 AM

тАО05-22-2004 12:27 AM

Re: changing passwd on remote machines using script

Hi,

One thing you could do (if you want the same password for the user on all boxes) is to change the password on one box, and then write a script to put that password entry in the /etc/passwd file for that user on all the other boxes.

JP
0 Kudos
Reply
jagdeesh
Frequent Advisor

тАО05-22-2004 12:41 AM

тАО05-22-2004 12:41 AM

Re: changing passwd on remote machines using script

You mean put the passwd in /etc/passwd passwd field on remote machines? How can we do in the scipt (edit the /etc/passwd and replace the passwd in /etc/passwd field)? any examples available...?

...
0 Kudos
Reply
John Poff
Honored Contributor

тАО05-22-2004 02:10 AM

тАО05-22-2004 02:10 AM

Solution

Re: changing passwd on remote machines using script

This question has come up before. Take a look at these posts for some ideas:



http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=48946

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=214045

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=347973



JP
Reply
D Block 2
Respected Contributor

тАО05-22-2004 04:03 PM

тАО05-22-2004 04:03 PM

Re: changing passwd on remote machines using script

my thought would be to write a shell script and update the PASSWORD entry for this user. you migh start with somethin likehs one.
echo "FULL NAME= \c"
read NAME
echo "LOGIN = \c"
read USER
echo "PASS= \c"
read PASS

GRP=users

CMD="/usr/sbin/useradd -g $GRP -c \"$NAME\" \
-d /home/equiv -s /usr/bin/true $USER"

echo $CMD

echo "run y/n ? \c"
read resp
if test "$resp" != "y"
then
echo "not running...bye"
else
eval $CMD
fi

Golf is a Good Walk Spoiled, Mark Twain.
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

тАО05-22-2004 06:36 PM

тАО05-22-2004 06:36 PM

Re: changing passwd on remote machines using script

Hi Jagdeesh,

"Expect" is good if you don't have remote shell capability as well to automatically supply responses to passwd program.

If you have remote shell access to all the systems, then there is a better secured way of doing it. First, generate the encrypted password. Then change it on the remote system using the command "/usr/sam/lbin/usermod.sam -p " command.

1. Generate encrypted password. It's really easy to do it if you are willing to go with 8 char password. Use /usr/lib/makekey to generate encrypted password for you.

echo ""|/usr/lib/makekey

For ex.,

echo "Test123!xy" |/usr/lib/makekey
xyZz5eiXOP3r.

Otherwise, change the password on one system and grab the encrypted key from /etc/passwd or /tcb/auth/files/ (for trusted).

2. Place the encrypted password obtained in the above step into password field by using the command

/usr/sam/lbin/usermod.sam -p "xyZz5eiXOP3r." login_name

It works for both trusted and non-trusted sytems.

Put it in remsh for the remote systems.

Good thing about it is, though your remsh session transmits the information in clear text, your password is encrypted so it's relatively safer than using "expect".

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Tim Howell
Frequent Advisor

тАО05-24-2004 02:52 AM

тАО05-24-2004 02:52 AM

Re: changing passwd on remote machines using script

what about NIS / NIS+ ...is this available for HP-UX?
if only we knew...
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО05-24-2004 06:17 AM

тАО05-24-2004 06:17 AM

Re: changing passwd on remote machines using script

It's actually quite simple. Make the change for this user on one machine. Capture the encrypted password from the /etc/passwd file or the /tcb directory. Then from a list of all the machines, use remsh (I prefer rexec for security reasons) to run the command:

rexec $REMOTE_SYSTEM /usr/sam/lbin/usermod.sam -p $NEWPASS SomeUserName

wher $NEWPASS is a copy of the encrypted password. If this is a temporary password, you can then run:

rexec $REMOTE_SYSTEM passwd -f SomeUserName



Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.