Create/modify user passwords in batch mode

Hello again,

Sometimes, you need to put a non-interactive passwords using scripts, as you can see, you can’t use passwd tool, because it only works using interactive way.

On Debian, and of course lot of distros, you can use chpasswd instead (create, update & modify)

From chpasswd manual:

chpasswd reads a list of user name and password pairs from standard input and uses this information to update a group of existing users, so you can update passwords in batch mode.

echo “user:pass” | chpasswd

Regards,

Advertisements

5 thoughts on “Create/modify user passwords in batch mode

  1. As long as you have the full knowledge that anyone who happens to be running a ‘ps’ command on the machine at this time would be able to see the password.

    Unless someone is looking for it, it’s pretty unlikely they’d be able to catch it in the brief moment, but the possibility is there (and also exists that one of the users of the machine is malicious)

  2. Hello Matt,

    Seems like there is no password disclosure using ps tool.
    try this in one shell
    # while :; do echo ‘rga:1234’ | chpasswd; done

    in the other one
    # while:; do ps auxw|grep passwd; done

    root 19179 0.0 0.0 2040 848 pts/21 D+ 15:26 0:00 chpasswd

    Regards,

  3. You are right, and I was at a loss as to why until I realized that bash (and lots of other shells) use a built-in echo command, rather than using /bin/echo

    It’s safe enough, but chpasswd does allow you to give the md5 hash instead of the plain text, so I’d probably succumb to paranoia and do that, but I’m funny that way.

    Nice blog, I’ll be reading from now on :-)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s