HPE Community
Operating System - HP-UX
1835062 Members
2360 Online
110073 Solutions
New Discussion

root password

 
SOLVED
Go to solution
Petr Simik_1
Valued Contributor

‎01-17-2003 07:08 AM

‎01-17-2003 07:08 AM

root password

I red your previous discussion regarding root password discipline. I care abot 45 HP servers and I cannot use NIS. How can I change root password easily on several servers easily at once! Do you use some scripts or do you click out new password on each server one by one?
0 Kudos
Reply
6 REPLIES 6
Pete Randall
Outstanding Contributor

‎01-17-2003 07:11 AM

‎01-17-2003 07:11 AM

Re: root password

Petr,

In my case, I keep the passwd file synchronised on all my hp-ux machines by rcp'ing it.

Pete

Pete
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎01-17-2003 07:13 AM

‎01-17-2003 07:13 AM

Re: root password

At a previous job we kept a bunch of servers in sync with 'rdist'.

Do a 'man rdist' for more information.
0 Kudos
Reply
Robert-Jan Goossens
Honored Contributor

‎01-17-2003 07:17 AM

‎01-17-2003 07:17 AM

Re: root password

I use the same method as Patrick for Sun and HP (rdist).

Kind regards,

Robert-Jan.
0 Kudos
Reply
John Poff
Honored Contributor

‎01-17-2003 07:17 AM

‎01-17-2003 07:17 AM

Re: root password

Hi,

We have a low enough ratio of servers to sys admins [about 5:1] that we just divide them up and change the root passwords manually.

The password files are mostly different on each box so we don't have the luxury of rcp'ing them.

JP
0 Kudos
Reply
Chris Wilshaw
Honored Contributor

‎01-17-2003 07:18 AM

‎01-17-2003 07:18 AM

Solution

Re: root password

I use an expect script to make the changes.

>>>> Shell wrapper

#!/usr/bin/ksh

for MACHINE in `cat MACHINES`
do
./allpw.exp "$MACHINE" "$USERID" "$NEWPW"
done


>>> allpw.exp

#!/usr/local/bin/expect
###############################################################################

set term vt100
set timeout 5
set SITE [lindex $argv 0]
set USERID [lindex $argv 1]
set NEWPW [lindex $argv 2]

spawn rlogin $SITE

expect {*TERM*)} {}
send "$term\n"
expect {*>} {} {*#} {} {*$} {}

send "/opt/super/bin/super passwd $USERID\n"

expect {*word:} {}
sleep 2

send "$NEWPW\n"
expect {*word:} {}
sleep 2

send "$NEWPW\n"

expect {*>} {} {*#} {} {*$} {}

send "exit\n"
close -i $spawn_id

exit 0

-----------------------

For convenience,I use a utility called super (similar to sudo) to allow me to change passwords using my own ID.
Reply
Chris Wilshaw
Honored Contributor

‎01-17-2003 07:21 AM

‎01-17-2003 07:21 AM

Re: root password

Sorry,

Wrong verision of the shell script posted previously.

#!/usr/bin/ksh
LOG=log/pwchg.log

if [ `whoami` = "root" ]
then
echo "Script must not be run as root"
exit 0
fi

echo "Please enter ID for global password change:\c"
read USERID
echo "Please enter new password for ID $USERID: \c"
stty -echo
read NEWPW
stty echo
echo ""

echo "password change for $USERID on `date`" >> $LOG

for MACHINE in `cat MACHINES`
do
./allpw.exp "$MACHINE" "$USERID" "$NEWPW"
done
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.