Given the variety of system revisions and the mix of Trusted and standard systems, the only simple solution is usermod.sam and a password generator program. I have attached a simple C program that will generate the 13 encrypted bytes needed for the password entry. It will compile with the K&R basic C compiler found on all HP-UX systems (I name the program pw). Although it was designed for interactive use, you can extract just the result like this:
MYPASSWD=123abc
MYCRYPT=$(pw $MYPASSWD | tail -1 | awk '{print $NF}')
MYCRYPT will have the properly encrypted password entry and works on Trusted and unTrusted. It has been in use since HP-UX version 8.xx and works fine on all the revs through 11.11.
1- Use the pw program
2- yes
3- I've tried many different sed and awk soultions. Nothing beats the simplicity of usermod.sam since this is the tool that SAM uses. Here is how you do it:
/usr/sam/lbin/usermod.sam -p $MYCRYPT user_login
usermod.sam patches the correct location in place whereas sed and awk solutions require a temp file and lots of tests to make sure the task doesn't trash everything.
4- None. The crypt call is how passwords are encrypted. There is a special consideration for Trusted systems: you are no longer limited to 8 significant characters in a password. Now since you are generating a default or standard password, this is no issue. Just make the default password = 8 characters.
As far as connecting and running commands, I use root 'helper' scripts to accomplish special tasks on the remote systems. I distribute these special commands with a batch ftp script so that all of them can be updated in less than a minute. An example is a userinfo script that runs on 10 and 11, Trusted and unTrusted and returns detailed info about the state of the user's account.
Bill Hassell, sysadmin
