Sometimes, you need to put a non-interactive passwords using scripts, as you can see, you can’t use passwd tool, because it only works using interactive way.
On Debian, and of course lot of distros, you can use chpasswd instead (create, update & modify)
From chpasswd manual:
chpasswd reads a list of user name and password pairs from standard input and uses this information to update a group of existing users, so you can update passwords in batch mode.
echo “user:pass” | chpasswd
5 thoughts on “Create/modify user passwords in batch mode”
As long as you have the full knowledge that anyone who happens to be running a ‘ps’ command on the machine at this time would be able to see the password.
Unless someone is looking for it, it’s pretty unlikely they’d be able to catch it in the brief moment, but the possibility is there (and also exists that one of the users of the machine is malicious)
Seems like there is no password disclosure using ps tool.
try this in one shell
# while :; do echo ‘rga:1234’ | chpasswd; done
in the other one
# while:; do ps auxw|grep passwd; done
root 19179 0.0 0.0 2040 848 pts/21 D+ 15:26 0:00 chpasswd
You are right, and I was at a loss as to why until I realized that bash (and lots of other shells) use a built-in echo command, rather than using /bin/echo
It’s safe enough, but chpasswd does allow you to give the md5 hash instead of the plain text, so I’d probably succumb to paranoia and do that, but I’m funny that way.
Nice blog, I’ll be reading from now on :-)
On Red Hat Enterprise Linux the passwd command has a flag, –stdin, that lets you echo text at it. Very handy for scripts.
[…] Create/modify user passwords in batch mode « The eternal fight between admins and computers On Red Hat Enterprise Linux the passwd command has a flag, –stdin, that lets you echo text into it. Great for scripts. […]