HPE Community
Operating System - HP-UX
1752341 Members
5587 Online
108787 Solutions
New Discussion юеВ

Set password script

 
SOLVED
Go to solution
Mike Keys
Regular Advisor

тАО07-12-2005 06:32 AM

тАО07-12-2005 06:32 AM

Set password script

This has probably been answered more than once.

I do not wish to install "expect" to do this. I am looking for perl code to set a user's password to some pre-determined inital value, wehreby the user will have to change their password the first time they login after that.
0 Kudos
Reply
5 REPLIES 5
A. Clay Stephenson
Acclaimed Contributor

тАО07-12-2005 06:37 AM

тАО07-12-2005 06:37 AM

Re: Set password script

Perl has the crypt() function to create the passwd hash. A system command to invoke passwd -f user will expire the passwd; you can build the passwd -f user comand up with an sprintf.
If it ain't broke, I can fix that.
0 Kudos
Reply
Mel Burslan
Honored Contributor

тАО07-12-2005 07:15 AM

тАО07-12-2005 07:15 AM

Solution

Re: Set password script

or if you are planning to use the same password over and over again and you have it in the encrypted form already, you can use this utility that sam uses as follows:

/usr/sam/lbin/usermod.sam -p "Dx3zsaXO3q22." username

I don't think any portion needs any explanation on this command.

________________________________
UNIX because I majored in cryptology...
Reply
Tom Schroll
Frequent Advisor

тАО07-12-2005 08:37 AM

тАО07-12-2005 08:37 AM

Re: Set password script


I tried several different iterations of piping, reading from stdin, and other hacks to see if I could pump data into the passwd command itself. But I firmly believe that the passwd command attempts to open the tty directly somehow using the tty driver (doesn't use stdin when reading a password from the user). I even tried to fake it out by putting it in a tty-less environment while using stdin to feed data to passwd. The passwd command still refused to read from a pipe or from any specific file descriptor. Therefore, it appears that the best solution would be to generate a predefined hash (and possibly use the usermod.sam utility to plug it in to the password file). I tested the usermod.sam command on both a trusted and a non-trusted system and it seems to work in both cases. Note that the hash format (including the strings which control aging and expiration in the hash) are pretty well documented in the passwd(4) man page.

-- Tom
If it ain't broke, it needs optimized.
0 Kudos
Reply
generic_1
Respected Contributor

тАО07-14-2005 12:57 PM

тАО07-14-2005 12:57 PM

Re: Set password script

I just posted the answer in your other post it works for trusted and untrusted.
You can use crypt to generate the password
or you can clip a default one thats incrypted out of the password or trusted /tcb/ directory files.
If you use a default one though make sure you run an extra command to force the users to change it.
0 Kudos
Reply
generic_1
Respected Contributor

тАО07-14-2005 01:11 PM

тАО07-14-2005 01:11 PM

Re: Set password script

Note password is the password and 1b is the salt
echo "password1b" |/usr/lib/makekey
supbstitute the output into the usermodsam command and you can automate the whole thing :).

Note to use 8 char password 2 char salt when doing this.


Points are welcome
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.