04-28-2008
Quote:
Originally Posted by
squall
Im guessing by "more direct", you mean "easier to implement".
The two methods you mentioned are pretty much the options available to you (which option you use depends on whether you want to use the encrypted or unencrypted password string).
Writing an expect script to reset a password is simple, just do a google search and you will have several working examples within minutes.
Using expect to run the "passwd" command protects the integrity of the file as it uses file locking to edit it, and a typo in your script is less likely to corrupt the shadow file.
Also if you are going to be changing passwords via a script keep in mind that it is bad security to leave passwords lying around hardcoded in scripts.
Thanks for your reply, Squall. I'lve decided to proceed using expect after all.
best regards
akbar
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I'm tasked to change a user's password on multiple Linux systems (RH v3). I though copying the encrypted password from one Linux /etc/shadow file to another would work but I was wrong.
The long term solution is to establish an openLDAP Directory service, but for now I'm stuck with a manual... (1 Reply)
Discussion started by: benq70
1 Replies
2. Shell Programming and Scripting
Hello,
when I try to connect to a remote machine through SSH username@host I am getting the error message
Permission denied (publickey,password,keyboard-interactive).
Can any one tell me what is the problem. the key is added in the remote machines authorized_keys file. (5 Replies)
Discussion started by: deepusunil
5 Replies
3. Shell Programming and Scripting
Hi Friends.
I am new to scripting now i want to change the root password using the script with standard password.
which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Discussion started by: kurva
2 Replies
4. Solaris
Hello All,
I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Discussion started by: tferrazz
8 Replies
5. Homework & Coursework Questions
Q. Write a script that behaves both in interactive and non interactive mode. When no arguments are supplied it picks up each C program from the directory and prints first 10 lines.
It then prompts for deletion of the file.
If user supplies arguments with the script , then it works on those files... (8 Replies)
Discussion started by: rits
8 Replies
6. UNIX for Advanced & Expert Users
I have written the below scripts .
ldap_pwd_prompt.ksh
#!/usr/bin/ksh
passwd -r ldap
interactive_pwd_change.exp
#!/usr/local/bin/expect
set timeout 10
set curpass
set newpass
spawn ./ldap_pwd_prompt.ksh
expect "Enter existing login password:"
send "$curpass\r"
expect "New... (6 Replies)
Discussion started by: dr46014
6 Replies
7. AIX
AIX 6.1
User has a password set.
It needs to be a blank password (no password).
smit passwd
enter user name
at change password and confirm password, just press ENTER
Afterwards, I could not log on with blank password or with original password.
How can I change the password to a... (2 Replies)
Discussion started by: landog
2 Replies
8. Red Hat
We have a script which rsyncs two directories on two servers. This rsync will happen with the ID svID. But the script runs with the Control-M ID opID. we have setup password less SSH for svID, but it fails with Host key verification failed when the script is executed by opID. As opID is a... (1 Reply)
Discussion started by: Madimi
1 Replies
9. UNIX for Dummies Questions & Answers
Hello all,
can we SFTP to the destination server in a non-interactive mode with out estbalishing the public key of origination server in the destination server? meaning i want to harcode the password as part of the below script or as an variable?
Please let me know if there is any better way to... (2 Replies)
Discussion started by: Ariean
2 Replies
10. Forum Support Area for Unregistered Users & Account Problems
I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login.
Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies
LEARN ABOUT CENTOS
lchage
lchage(1) General Commands Manual lchage(1)
NAME
lchage - Display or change user password policy
SYNOPSIS
lchage [OPTION]... user
DESCRIPTION
Displays or allows changing password policy of user.
OPTIONS
-d, --date=days
Set the date of last password change to days after Jan 1 1970.
Set days to -1 to disable password expiration (i.e. to ignore --mindays, and --maxdays and related settings).
Set days to 0 to enforce password change on next login. (This also disables password expiration until the password is changed.)
-E, --expire=days
Set the account expiration date to days after Jan 1 1970. Set days to -1 to disable account expiration.
-i, --interactive
Ask all questions when connecting to the user database, even if default answers are set up in libuser configuration.
-I, --inactive=days
Disable the account after days after password expires (after the user is required to change the password). Set days to -1 to keep
the account enabled indefinitely after password expiration.
-l, --list
Only list current user's policy and make no changes.
-m, --mindays=days
Require at least days days between password changes. Set days to 0 or -1 to disable this requirement.
If this value is larger than the value set by --maxdays, the user cannot change the pasword.
-M, --maxdays=days
Require changing the password after days since last password change. Set days to -1 to disable password expiration.
-W, --warndays=days
Start warning the user days before password expires (before the user is required to change the password). Set days to 0 or -1 to
disable the warning.
EXIT STATUS
The exit status is 0 on success, nonzero on error.
NOTES
Note that "account expiration" (set by --expire) is distinct from "password expiration" (set by --maxdays). Account expiration happens on
a fixed date regardless of password changes. Password expiration is relative to the date of last password change.
libuser Nov 8 2012 lchage(1)