HPE Community
Operating System - Linux
1753794 Members
7175 Online
108799 Solutions
New Discussion юеВ

sync password between 2 servers

 
SOLVED
Go to solution
KarloChacon
Honored Contributor

тАО09-10-2010 12:56 PM

тАО09-10-2010 12:56 PM

sync password between 2 servers

hi guys
I am creating a script a for Linux cluster based on Linux Heartbeat - HA....

basically I am creating a script where a user must sync his password on the 2 boxes...I mean when password for Carlos is changed on NODE01 it ill replicate on NODE02...this is where I am stuck how to replicate that.... the only thing that came to my mind was
create a scritp
something like this

echo "Please change your password"
passwd
echo "now change passwd on NODE02"
ssh node01 passwd

but it won't ask me for my password after ssh to NODE02 the script won't run...

any idea how to sync password on both nodes or how to fix my script?

thanks a lot


Didn't your momma teach you to say thanks!
0 Kudos
Reply
7 REPLIES 7
Matti_Kurkela
Honored Contributor

тАО09-11-2010 12:49 AM

тАО09-11-2010 12:49 AM

Solution

Re: sync password between 2 servers

Whenever you specify a remote command on the ssh command line, the remote session will run in "non-interactive mode": the remote sshd won't allocate a pseudo-TTY for the session. This causes programs and commands which explicitly require to read/write the TTY to fail. The "passwd" command is one of these (it will explicitly read the password from the TTY to defeat any input redirection).

Your script could be fixed by adding the "-t" option to the ssh command line. This option will make the ssh command request a remote TTY for non-interactive sessions too. In other words:

echo "Please change your password"
passwd
echo "now change passwd on NODE02"
ssh -t node01 passwd

MK
MK
Reply
Steven Schweda
Honored Contributor

тАО09-11-2010 10:21 AM

тАО09-11-2010 10:21 AM

Re: sync password between 2 servers

> [...] how to sync password [...]

Have you considered using something like NIS?
Reply
KarloChacon
Honored Contributor

тАО09-11-2010 12:10 PM

тАО09-11-2010 12:10 PM

Re: sync password between 2 servers

would NIS the only solution here?

I'm afraid yes
Didn't your momma teach you to say thanks!
0 Kudos
Reply
Steven Schweda
Honored Contributor

тАО09-11-2010 02:18 PM

тАО09-11-2010 02:18 PM

Re: sync password between 2 servers

> would NIS the only solution here?

There are probably others. LDAP (about which
I know nothing)? NIS lets a user change his
password once for all systems. It probably
has some disadvantages, too, but I'd expect
it to work pretty well.

I suspect that a Web search for keywords
like, say,
password synchonize
would probably find many shell scripts and/or
programs intended to deal with this problem
for various environments. I'd expect NIS to
be more reliable than most of them.
Reply
KarloChacon
Honored Contributor

тАО09-11-2010 04:38 PM

тАО09-11-2010 04:38 PM

Re: sync password between 2 servers

I don't know how but I heard that one of my partners those that work with you but you never see lol have done this sync on AIX...no idea how since we don't have NIS or LDAP

I will continue searching
Didn't your momma teach you to say thanks!
0 Kudos
Reply
KarloChacon
Honored Contributor

тАО09-11-2010 06:01 PM

тАО09-11-2010 06:01 PM

Re: sync password between 2 servers

question

checking on a NIS configuration

do I need DNS configure for NIS to work since I see a domain name is needed?

thanks a lot
Didn't your momma teach you to say thanks!
0 Kudos
Reply
Steven Schweda
Honored Contributor

тАО09-12-2010 04:25 PM

тАО09-12-2010 04:25 PM

Re: sync password between 2 servers

> checking on a NIS configuration

I seem not to have NIS installed on my Debian
systems, so I know nothing, but on HP-UX,
these help:

man -k nis
man -k yp
man domainname

> do I need DNS configure for NIS to work
> since I see a domain name is needed?

Probably not. An NIS domain name is entirely
independent of a DNS domain name. An NIS
domain name is simply a character string. It
may contain dots, but there's no hierarchy
as there is with DNS. (Some NIS
implementations may have problems if DNS is
not used, too. I don't know if your Linux
has any problems in that case.) If you
want, you can normally use a DNS domain name
as an NIS domain name, but it's not
necessary to do so (and, as "man domainname"
explains) there may be tighter name length
restrictions for an NIS name than for a DNS
name).
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.