HPE Community
Operating System - HP-UX
1823385 Members
2752 Online
109654 Solutions
New Discussion юеВ

Re: Root password change on a remote server

 
SOLVED
Go to solution
Sravan Tailam
New Member

тАО08-26-2004 08:04 AM

тАО08-26-2004 08:04 AM

Root password change on a remote server

Root password change on a remote server.
========================================

Am on server A, attempting to change the root passwd on server B. Am using the following commands at the shell:

++++++++ commands ++++++++
# remsh remote_host -n passwd << EOF
> newpasswd
> newpasswd
> EOF
Changing password for root
pam_chauthtok: System error

++++++++++++++++++++++++++++++++
I need help troubleshoooting the erro : pam_chauthtok: System error.
OR, if you have a better solution to achieve objective, please share it with me.

ps: Server A entry exists on the .rhosts file on Server B for root user.

-Sravan
0 Kudos
11 REPLIES 11
Jeff_Traigle
Honored Contributor

тАО08-26-2004 08:20 AM

тАО08-26-2004 08:20 AM

Re: Root password change on a remote server

You can't pass values to passwd like that. Check out the solution in the following post:

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=107597

(Searched Forums for "change password remote".)
--
Jeff Traigle
0 Kudos
Geoff Wild
Honored Contributor

тАО08-26-2004 08:28 AM

тАО08-26-2004 08:28 AM

Re: Root password change on a remote server

Why would you script that?

Better to just do a:

remsh remote_host

Then update password interactively - especially root....


Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Sravan Tailam
New Member

тАО08-26-2004 08:57 AM

тАО08-26-2004 08:57 AM

Re: Root password change on a remote server

Thanks for your response, Jeff and Geoff.

I have about 60 servers whose root passwd needs to be changed. Thats why I was trying to script it.

I was able to do this on HP-Tru64 servers using rsh.

I was hoping, I could do it using the remsh.


0 Kudos
Geoff Wild
Honored Contributor

тАО08-27-2004 12:42 AM

тАО08-27-2004 12:42 AM

Re: Root password change on a remote server

I figured that was what you wanted to do...

Well, with 60 servers, you might want to look at NIS or a third party system like Unix Control:

http://www.tfstech.com/solutions/unixcontrol/index.htm

That way you have a centralized system for maintaining users/passwords/access, etc.

Rgds...Geoff

Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Simon Hargrave
Honored Contributor

тАО08-27-2004 01:01 AM

тАО08-27-2004 01:01 AM

Re: Root password change on a remote server

If you want to set all the passwords to be the same, then you could (probably bad practice but it would work): -

- Change the password on one server.
- Copy the /tcb/files/auth/r/root file from that server to every other server.

This of course assumes you're configured as trusted systems.

It's dirty, but you want it!
0 Kudos
Sravan Tailam
New Member

тАО08-27-2004 01:29 AM

тАО08-27-2004 01:29 AM

Re: Root password change on a remote server

Geoff,
Thanks. We use NIS serving all non-root users. Root, for some reason was set locally by the prior SA. If root was served by NIS and there is a network problem. Aren't we hosed ??? What are your thoughts on this ?

Simon,
we dont use trusted system. For that matter, we dont use many of the new features, and we are stuck with this architecture for the near future. Thanks for the advice though !!!

I read an article, where the poster implemented the solution using remsh.

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=107597

Unfortunately, he did not share the script. sob .. sob ...

Sravam
0 Kudos
Geoff Wild
Honored Contributor

тАО08-27-2004 01:44 AM

тАО08-27-2004 01:44 AM

Re: Root password change on a remote server

Check this post about root/nis:

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=365587

That's what's great about TFS Unix Control - if network is down, root can still login...

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Jeff_Traigle
Honored Contributor

тАО08-27-2004 02:48 AM

тАО08-27-2004 02:48 AM

Solution

Re: Root password change on a remote server

Why would you need the exact script he used? You should be able to basically substitute the telnet command with remsh in the script that was posted in that thread. Eliminate the unnecessary login credentials that won't be needed since you have .rhosts set up. Eliminate the line related to changing password on a trusted system if you aren't using trusted systems. Not difficult to do.
--
Jeff Traigle
0 Kudos
RAC_1
Honored Contributor

тАО08-27-2004 03:24 AM

тАО08-27-2004 03:24 AM

Re: Root password change on a remote server

There are few options to do that.
1. Use expect
2. Generate the scripted password on host and paste that into the password field on remote server.
3. Use of ssh/rsh with command /usr/sam/lbin/usermod.sam

e.g.

ssh remote_host "/usr/sam/lbin/usermod.sam -p `echo "1234abcdxy"|/usr/bin/makekey` user_name"

This would set the password to 1234abcd for user user_name on remote host. the password has to be of 8 chars. The chars xy are salt chars. If you set ssh to authenticate with public keys, you will not require any interference in this.

Anil
There is no substitute to HARDWORK
0 Kudos
Sravan Tailam
New Member

тАО08-27-2004 03:49 AM

тАО08-27-2004 03:49 AM

Re: Root password change on a remote server

Jeff,
I replaced the telnet with remsh and used the same script with little modifications(removing trusted system line). It works great. Thanks for your help.

Anil,
am using .rhosts, so for all my Tru64 servers, am using rsh and it works fine. For HP-UX boxed, I found the solution using remsh proposed by another poster in my earlier mentioned article. Thanks for the suggestion, anyway.

Thanks everyone for helping me out.
============ script ==============
for HOST in `cat /tmp/hosts-HP`
do
( sleep 2
echo "hostname"
echo "passwd"
sleep 2
echo "Newpasswd1"
sleep 2
echo "Newpasswd1"
sleep 2
echo exit
sleep 5 ) | remsh $HOST
done
=================
Sravan
0 Kudos
Sravan Tailam
New Member

тАО08-27-2004 03:51 AM

тАО08-27-2004 03:51 AM

Re: Root password change on a remote server

I used the above script and works great.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.