The eternal fight between admins and computers

(and very often users, as well)

« Running out of TCP/IP ports in your Linux box?
HOWTO: Managing Active Directory users under Linux with adtool »

Create/modify user passwords in batch mode

Posted by rga on August 11, 2008

Hello again,

Sometimes, you need to put a non-interactive passwords using scripts, as you can see, you can’t use passwd tool, because it only works using interactive way.

On Debian, and of course lot of distros, you can use chpasswd instead (create, update & modify)

From chpasswd manual:

chpasswd reads a list of user name and password pairs from standard input and uses this information to update a group of existing users, so you can update passwords in batch mode.

echo “user:pass” | chpasswd

Regards,

This entry was posted on August 11, 2008 at 1:31 pm and is filed under Linux, Tips, Unix. Tagged: , , . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

5 Responses to “Create/modify user passwords in batch mode”

  1. Matt Simmons said

    August 11, 2008 at 2:44 pm

    As long as you have the full knowledge that anyone who happens to be running a ‘ps’ command on the machine at this time would be able to see the password.

    Unless someone is looking for it, it’s pretty unlikely they’d be able to catch it in the brief moment, but the possibility is there (and also exists that one of the users of the machine is malicious)

    Reply

  2. rgatrapalo said

    August 11, 2008 at 3:33 pm

    Hello Matt,

    Seems like there is no password disclosure using ps tool.
    try this in one shell
    # while :; do echo ‘rga:1234′ | chpasswd; done

    in the other one
    # while:; do ps auxw|grep passwd; done

    root 19179 0.0 0.0 2040 848 pts/21 D+ 15:26 0:00 chpasswd

    Regards,

    Reply

  3. Matt Simmons said

    August 11, 2008 at 10:44 pm

    You are right, and I was at a loss as to why until I realized that bash (and lots of other shells) use a built-in echo command, rather than using /bin/echo

    It’s safe enough, but chpasswd does allow you to give the md5 hash instead of the plain text, so I’d probably succumb to paranoia and do that, but I’m funny that way.

    Nice blog, I’ll be reading from now on :-)

    Reply

  4. Bob Plankers said

    August 12, 2008 at 1:30 am

    On Red Hat Enterprise Linux the passwd command has a flag, –stdin, that lets you echo text at it. Very handy for scripts.

    Reply

  5. links for 2008-08-12 [delicious.com] : Bob Plankers, The Lone Sysadmin said

    August 12, 2008 at 6:31 pm

    [...] Create/modify user passwords in batch mode « The eternal fight between admins and computers On Red Hat Enterprise Linux the passwd command has a flag, –stdin, that lets you echo text into it. Great for scripts. [...]

    Reply

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

« Running out of TCP/IP ports in your Linux box?
HOWTO: Managing Active Directory users under Linux with adtool »