Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Interpreting the encrypted shadow password?
Operating Systems Linux Interpreting the encrypted shadow password? Post 302175029 by ramen_noodle on Wednesday 12th of March 2008 09:13:45 PM
Old 03-12-2008
.For your root and appllication passwords you can always use expect or automated ssh to batch process passwd changes driving the native platforms passwd. I've used expect for this in the past.

Code:
proc manualChange {} {
global prompt spawn_id timeout
                         expect  {
				  -i $spawn_id -re $prompt {
					             send_user "Logged in to host: $name as $username\n"
					             send "passwd\r\n"
					             expect -i $spawn_id -re ".*asswor.*" {
                                                               set new [getInput "Password change for $username on $name: "]


								send "$new\r\n"
								expect -i $spawn_id -re "\[Rr\]e.*asswor.*" {
								          send "$new\r\n"
								          expect -i $spawn_id  -re "$prompt" {										                                                  send_user "Password changed successfully for $name\n"
										                             }
										      }
							     }
					        }
                         timeout {send_user "Timed out for spawn_id: $spawn_id\n"}
			 eof {send_user "Abnormal termination for spawn_id: $spawn_id"}
			 }
}

if {[llength $argv] < 2} {puts "Please provide:\n 1. username\n 2. list of hosts" ;  exit}
set username [lindex $argv 0]
set hostlist [lrange $argv 1 [llength $argv]]
##main()
         set prompt "[lindex $argv 0]@.*|.*[lindex $argv 0].*>|.*[lindex $argv 0].*#"
         foreach name $hostlist {
	                         if {![catch {eval spawn $loginprog $username@$name} err_spawn]} {
				      puts "Connecting to $name..."
				      expect  {
				          
					      -re $prompt {
					                     send_user "Logged in to host: $name as $username\n"
							     send "passwd\r\n"
							     expect -i $spawn_id -re ".*asswor.*" {
                                                                       set new [getInput "Password change for $username on $name: "]
								       send "$new\r\n"
								       expect -i $spawn_id -re "\[Rr\]e.*asswor.*" {
										            send "$new\r\n"
										            expect -i $spawn_id  -re "$prompt" {
										                                               send_user "Password changed successfully for $name\n"
										                             }
										      }
							     }
					        }		     			
					        -re $pwprompt {
						              send_user "Log in manually and then press ^p to change password\n"
						              interact {
							                 "^P" {manualChange}
							      }
					        }		      		   		                                   
						timeout {send_user "Timed out waiting on $name\n"}
						eof {send_user "Abnormal exit for connect() to host: $name\n"}
				       }													                             
				     } else {
				        puts "ERROR: Connecting to host: $name = $err_spawn"
				     }	  
	   }

Using ssh-agent and keys this is a quick way to change passwords and also allows you to catch hosts without keys, etc...
HTH.
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

netrc file encrypted password

Hi, I do not want the plaintext password to appear in the netrc file. So I want to encrypt the password. Is there a way to encrypt the password and still make ftp to use the netrc ? Thanks in advance. -Gow:confused: (2 Replies)
Discussion started by: ggowrish
2 Replies

2. UNIX for Dummies Questions & Answers

Change password by pushing encrypted password to systems

I'm tasked to change a user's password on multiple Linux systems (RH v3). I though copying the encrypted password from one Linux /etc/shadow file to another would work but I was wrong. The long term solution is to establish an openLDAP Directory service, but for now I'm stuck with a manual... (1 Reply)
Discussion started by: benq70
1 Replies

3. UNIX for Dummies Questions & Answers

How to : Identify the the password is encrypted or not in /etc/shadow or /etc/passwd?

Thanks AVKlinux (11 Replies)
Discussion started by: avklinux
11 Replies

4. UNIX and Linux Applications

Accessing Oracle via encrypted password

Actually in my application there is an XML file. The password and the user name for the database that I need to access the development box is stored there. But using some UNIX command I am able to access the raw content of the file and not the decrypted code for that password. When I am applying... (3 Replies)
Discussion started by: nandumishra
3 Replies

5. Shell Programming and Scripting

To decrypt encrypted password

Hi folks, What will be the easy way to decrypt encrypted passwords on MySQL table. Googling brought me many suggestions on crypt/decrypt running scripts. Please advise. TIA Remark: I think the encrypt function of MySQL uses the Unix crypt command to encrypt B.R. satimis (1 Reply)
Discussion started by: satimis
1 Replies

6. UNIX for Advanced & Expert Users

/etc/shadow encrypted password

Hi I wonder whether is possible to generate enrypted passwd for some user and paste it into /etc/shadow file ? What kind of encryption is used in /etc/shadow file ? ths for help. (1 Reply)
Discussion started by: presul
1 Replies

7. Shell Programming and Scripting

Replace encrypted password in /etc/shadow using sed

Hello friends, We have encrypted password strings for all of our users (each user has different password). After creating users in Linux, we replace encrypted passwords manually on /etc/shadow so that their passwords directly work. Instead we want to do it using scripting. I tried with sed... (2 Replies)
Discussion started by: prvnrk
2 Replies

8. UNIX for Dummies Questions & Answers

Using the encrypted password of the shadow file

i have an application that uses the encrypted password that's in the /etc/shadow file. i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios. this application allowed that... (5 Replies)
Discussion started by: SkySmart
5 Replies

9. Shell Programming and Scripting

Encrypted password in script

How to keep encrypted password in a shell script.? I have the file which has the following: a.sh ----- username=abc password=abc I will be using this username and password in another script. But I don't want to reveal the password in the script. How to keep the password... (3 Replies)
Discussion started by: sanvel
3 Replies

10. Cybersecurity

Is TLS encrypted password safe?

Hello, on my android device my app autosaves my password and it encrypts by TLS im not politically exposed person, just regular entrepreneur. Should i worry if i loose my phone with TLS encrypted password? Or regular mortals or casual hackers are not able to crack it? (4 Replies)
Discussion started by: postcd
4 Replies

LEARN ABOUT OPENSOLARIS

lindex

lindex(1T)						       Tcl Built-In Commands							lindex(1T)

__________________________________________________________________________________________________________________________________________________

NAME

       lindex - Retrieve an element from a list

SYNOPSIS

       lindex list ?index...?
_________________________________________________________________

DESCRIPTION

       The  lindex  command  accepts  a  parameter,  list, which it treats as a Tcl list. It also accepts zero or more indices into the list.  The |
       indices may be presented either consecutively on the command line, or grouped in a Tcl list and presented as a single argument.		   |

       If no indices are presented, the command takes the form: 										   |
	      lindex list															   |
       or																	   |
	      lindex list {}															   |
       In this case, the return value of lindex is simply the value of the list parameter.							   |

       When presented with a single index, the lindex command treats list as a Tcl list and returns the index'th element from it (0 refers to  the
       first  element of the list).  In extracting the element, lindex observes the same rules concerning braces and quotes and backslashes as the
       Tcl command interpreter; however, variable substitution and command substitution do not occur.  If index is negative  or  greater  than	or
       equal  to  the number of elements in value, then an empty string is returned.  If index has the value end, it refers to the last element in
       the list, and end-integer refers to the last element in the list minus the specified integer offset.

       If additional index arguments are supplied, then each argument is used in turn to select an element from the previous  indexing	operation, |
       allowing the script to select elements from sublists.  The command,									   |
	      lindex $a 1 2 3															   |
       or																	   |
	      lindex $a {1 2 3} 														   |
       is synonymous with															   |
	      lindex [lindex [lindex $a 1] 2] 3 												   |

EXAMPLES
																	   |
	      lindex {a b c}  => a b c														   |
	      lindex {a b c} {} => a b c													   |
	      lindex {a b c} 0 => a														   |
	      lindex {a b c} 2 => c														   |
	      lindex {a b c} end => c														   |
	      lindex {a b c} end-1 => b 													   |
	      lindex {{a b c} {d e f} {g h i}} 2 1 => h 											   |
	      lindex {{a b c} {d e f} {g h i}} {2 1} => h											   |
	      lindex {{{a b} {c d}} {{e f} {g h}}} 1 1 0 => g											   |
	      lindex {{{a b} {c d}} {{e f} {g h}}} {1 1 0} => g 										   |

SEE ALSO

       list(1T), lappend(1T), linsert(1T), llength(1T), lsearch(1T), lset(1T), lsort(1T), lrange(1T), lreplace(1T)				   |

KEYWORDS

       element, index, list

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +--------------------+-----------------+
       |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
       +--------------------+-----------------+
       |Availability	    | SUNWTcl	      |
       +--------------------+-----------------+
       |Interface Stability | Uncommitted     |
       +--------------------+-----------------+
NOTES

       Source for Tcl is available on http://opensolaris.org.

Tcl									8.4								lindex(1T)
All times are GMT -4. The time now is 05:46 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy