04-30-2016
Xray is right. This is the way to go.
Note that chpasswd - like a passwd <user> - will set the ADMCHNG flag in /etc/security/passwd, resulting in a request for the user to change his password the first time logs in after the change.
Usually this is wanted, but in case it is not do a pwdadm -c <user> afterwards. This will clear the aforementioned flag.
I hope this helps.
bakunin
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I am new beginner in Unix and little experienced in BaaN ERP.
Problem Statement: I have to run a BaaN session. I have to change the password for both primary and secondary server by using this session.
On primary server only few people has access permission (say 10). But on secondary server... (0 Replies)
Discussion started by: s_chandrakar
0 Replies
2. Shell Programming and Scripting
Hi all
I have some 106 users of which i need to change the password of them to a common one. I dont know their paswword. But i need to reset them to a common one. How can i do this with a shell script? It would be a great help if some one can help to sort out this.:b::b:
I know it can be... (0 Replies)
Discussion started by: Tuxidow
0 Replies
3. Solaris
Hi All,
How to enforce all users to change their password when they try to login.
I am having Solaris 9 and 10.
Even it would be much better if anyone can say to enforce all users to change their password next morning they login.
Thanks in advance,
Deepak (3 Replies)
Discussion started by: naw_deepak
3 Replies
4. Shell Programming and Scripting
We have a server where we have a number of user ids and we also have the list of old passwords in a CSV file.
Now we want to change the password of all the users and assign them a default password.Can we write a shell script to do that.
I am planning to read the user name and corresponding... (7 Replies)
Discussion started by: dr46014
7 Replies
5. AIX
Hi all,
I'm trying to change a password for root on an AIX 5.2 machine. Oslevel -r shows 5200-10 for this machine. Here's what happens:
/ # whoami
root
/ # passwd
Please type a new password:
Please re-enter the new password:
Changing UNIX password...
601 - Can't access the password... (7 Replies)
Discussion started by: need2bageek
7 Replies
6. UNIX for Advanced & Expert Users
Hello - Is this possible on Unix machines? Can we update user password change time? (6 Replies)
Discussion started by: manju--
6 Replies
7. Solaris
I am on SunOS SolarisServer 5.11 11.1 i86pc i386 i86pc , I am trying to change password for a user,but I get the following message.I cannot find any google help on the matter.can anyone help?
root@SolarisServer:~# passwd
passwd: Changing password for stain
Please try again
Please try... (6 Replies)
Discussion started by: cbtshare
6 Replies
8. Shell Programming and Scripting
Hi All,
I am having Solaris 5.10 acting as NIS.
How do i change multiple user password in NIS in a batch.
I have predefined users with their passwords to be set:
Example:
user1 password1
user2 password2
Pls advise. (0 Replies)
Discussion started by: yogajwa
0 Replies
9. AIX
Hi
I'd like to ssh from an AIX OS server ( v5.3) to a Fabric OS server ( v6.1.2 ) without password.
I tried using dsa or rsa keys but it didn't work, the aix server still asked for the password.
Somebody help, please :(:(:( (8 Replies)
Discussion started by: bobochacha29
8 Replies
10. AIX
Hello,
We're running AIX 6 & 7.
Previously we were using the old encryption techinique (DES/crypt)
I have a GUI application that has a verify button (the verify button is sort of a digital signature) - the user clicks it, enters his or her password and we then make a call to a C module, This... (3 Replies)
Discussion started by: evansch
3 Replies
LEARN ABOUT X11R4
chpasswd
CHPASSWD(8) System Management Commands CHPASSWD(8)
NAME
chpasswd - update passwords in batch mode
SYNOPSIS
chpasswd [options]
DESCRIPTION
The chpasswd command reads a list of user name and password pairs from standard input and uses this information to update a group of
existing users. Each line is of the format:
user_name:password
By default the passwords must be supplied in clear-text, and are encrypted by chpasswd. Also the password age will be updated, if present.
By default, passwords are encrypted by PAM, but (even if not recommended) you can select a different encryption method with the -e, -m, or
-c options.
Except when PAM is used to encrypt the passwords, chpasswd first updates all the passwords in memory, and then commits all the changes to
disk if no errors occurred for any user.
When PAM is used to encrypt the passwords (and update the passwords in the system database) then if a password cannot be updated chpasswd
continues updating the passwords of the next users, and will return an error code on exit.
This command is intended to be used in a large system environment where many accounts are created at a single time.
OPTIONS
The options which apply to the chpasswd command are:
-c, --crypt-method METHOD
Use the specified method to encrypt the passwords.
The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods.
By default, PAM is used to encrypt the passwords.
-e, --encrypted
Supplied passwords are in encrypted form.
-h, --help
Display help message and exit.
-m, --md5
Use MD5 encryption instead of DES when the supplied passwords are not encrypted.
-R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
-s, --sha-rounds ROUNDS
Use the specified number of rounds to encrypt the passwords.
The value 0 means that the system will choose the default number of rounds for the crypt method (5000).
A minimal value of 1000 and a maximal value of 999,999,999 will be enforced.
You can only use this option with the SHA256 or SHA512 crypt method.
By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in /etc/login.defs.
CAVEATS
Remember to set permissions or umask to prevent readability of unencrypted files by other users.
CONFIGURATION
The following configuration variables in /etc/login.defs change the behavior of this tool:
SHA_CRYPT_MIN_ROUNDS (number), SHA_CRYPT_MAX_ROUNDS (number)
When ENCRYPT_METHOD is set to SHA256 or SHA512, this defines the number of SHA rounds used by the encryption algorithm by default (when
the number of rounds is not specified on the command line).
With a lot of rounds, it is more difficult to brute forcing the password. But note also that more CPU resources will be needed to
authenticate users.
If not specified, the libc will choose the default number of rounds (5000).
The values must be inside the 1000-999,999,999 range.
If only one of the SHA_CRYPT_MIN_ROUNDS or SHA_CRYPT_MAX_ROUNDS values is set, then this value will be used.
If SHA_CRYPT_MIN_ROUNDS > SHA_CRYPT_MAX_ROUNDS, the highest value will be used.
Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM
configuration. It is recommended to set this variable consistently with the PAM configuration.
FILES
/etc/passwd
User account information.
/etc/shadow
Secure user account information.
/etc/login.defs
Shadow password suite configuration.
/etc/pam.d/chpasswd
PAM configuration for chpasswd.
SEE ALSO
passwd(1), newusers(8), login.defs(5), useradd(8).
shadow-utils 4.5 01/25/2018 CHPASSWD(8)