Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: need script for passwd , can't use expect tool
Special Forums UNIX and Linux Applications Infrastructure Monitoring need script for passwd , can't use expect tool Post 75991 by Garry_Garrett on Thursday 23rd of June 2005 07:31:00 PM
Old 06-23-2005
Error Security
Speaking as a SysAdmin, the big problem with doing this type of thing in an expect script is, users (on average not being very security minded) almost never think to look at the permissions on their expect script. Consequenty, they create an expect script, put password in it, and it is sitting there with rwxr-xr-x permissions, for anybody on the system to read (or if it resides in an NFS exported directory, anybody on any system that NFS mounts it or anybody on any system who who can spoof the NFS server into allowing them to mount it). Expect fools programs that were wise enough to insist on speaking to a real live terminal into thinking that they are talking to a terminal when in fact they are being driven programatically.

One thing I like about this script is that it prompts you for the (new and old) passwords. If you read the passwords from a file, your program better insist on that file having good permissions or else you are asking for trouble.

I actually came across this page when I was searching for informationa about a similar program "passmass". That might be another option for someone who interested.

However you change your passwords en-masse, be careful about the permissions of your scripts if they contain any passwords in them, etc.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

'expect' tool

Can someone please provide a simple sample of syntax using the expect tool with an app. Let's say FTP. Maybe point me to where I may find some information on the syntax used. I'm not going to by a book on it. Thanks in advance! (2 Replies)
Discussion started by: shaggy
2 Replies

2. Shell Programming and Scripting

strange expect script behavior, or am i misunderstanding expect scripting?

Hello to all...this is my first post (so please go easy). :) I feel pretty solid at expect scripting, but I'm running into an issue that I'm not able to wrap my head around. I wrote a script that is a little advanced for logging into a remote Linux machine and changing text in a file using sed.... (2 Replies)
Discussion started by: v1k0d3n
2 Replies

3. Shell Programming and Scripting

Help with Expect tool Script

Problem Description: I have written the Expect script in Linux box, able to login from Linux to Windows and able to execute the command(eg, hostname) on windows server which produces some value. I want to pass this value from Windows to Linux box . Can we pass any parameter from Linux with expect... (2 Replies)
Discussion started by: khagendra
2 Replies

4. Shell Programming and Scripting

Expect passwd scripting

I am trying to write an expect script which will read information from a file that contains username and password, and change the password for each user accordingly. The list contains around 100 users. I am new to both Solaris and expect. I have successfully been able to set the first user's... (9 Replies)
Discussion started by: DoctorOctagon
9 Replies

5. Solaris

tool to convert /etc/passwd and etc/shadow

i wonder if there is a tool to read the /etc/passwd or /etc/shadow files in order to reset user accounts to the same one. By moving (restore) all filessytem and data to another same Sun box, none of the users are able to logon to the new box which i didn't change nothing. But if i reset the user... (1 Reply)
Discussion started by: lamoul
1 Replies

6. Shell Programming and Scripting

Need help with Expect script for Cisco IPS Sensors, Expect sleep and quoting

This Expect script provides expect with a list of IP addresses to Cisco IPS sensors and commands to configure Cisco IPS sensors. The user, password, IP addresses, prompt regex, etc. have been anonymized. In general this script will log into the sensors and send commands successfully but there are... (1 Reply)
Discussion started by: genewolfe
1 Replies

7. Shell Programming and Scripting

script using expect tool

Hi All, I need ur help and suggestion to make my code efficient.I have to reset the password for multiple unix flavour using expect tool.There is one file in which I have mentioned ip address and main script will pickup those ip and reset all password and it will write to a log file whether it has... (1 Reply)
Discussion started by: manish_1678
1 Replies

8. Programming

Calling expect script inside another expect

Hi, Am very new to expect scripting.. Can You please suggest me how to call an expect script inside another expect script.. I tried with spawn /usr/bin/ksh send "expect main.exp\r" expect $root_prompt and spawn /usr/bin/ksh send "main.exp\r" expect $root_prompt Both... (1 Reply)
Discussion started by: Priya Amaresh
1 Replies

9. Programming

Calling another expect script inside an expect script

I have an expect script called remote that I want to call from inside my expect script called sudoers.push, here is the code that is causing me issues: set REMOTE "/root/scripts/remote" ... log_user 1 send_user "Executing remote script as $user...\n" send_user "Command to execute is: $REMOTE... (1 Reply)
Discussion started by: brettski
1 Replies

10. Programming

Expect script returning string following a found expect.

I'm fairly new to scripting so this might not be possible. I am using Expect with Cisco switches and need to capture the string after finding the expect request. For example, when I issue "show version" on a Nexus switch, I'm looking to capture the current firmware version: #show version ... (0 Replies)
Discussion started by: IBGaryA
0 Replies

LEARN ABOUT REDHAT

pqrm

PQRM(1) 							       pqrm								   PQRM(1)

NAME

       pqrm - Remove job from NetWare print queue

SYNOPSIS

       pqrm [ -h ] [ -S server ] [ -U user name ] [ -P password | -n ] [ -C ] queue_name job_ID [ another_job_ID ... ]

DESCRIPTION

       pqrm  remove specified jobs from the NetWare print queue available to you on some server. If you are already connected to some server, this
       one is used.

       pqrm looks up the file $HOME/.nwclient to find a file server, a user name and possibly a password. See nwclient(5)  for	more  information.
       Please note that the access permissions of .nwclient MUST be 600, for security reasons.

OPTIONS

       queue_name
	  queue_name is used to specify queue. You can not use wildcards in the name.

       job_ID , another_job_ID
	  job_ID is used to specify which job has to be deleted.

       -S server
	  server is the name of the server you want to use.

       -U user name
	  If  the user name your NetWare administrator gave to you differs from your unix user-id, you should use -U to tell the server about your
	  NetWare user name.

       -P password
	  You may want to give the password required by the server on the command line. You should be careful about using passwords in scripts.

       -n
	  -n should be given to mount shares which do not require a password to log in.

	  If neither -n nor -P are given, pqstat prompts for a password.

       -C
	  By default, passwords are converted to uppercase before they are sent to the server, because most servers require this. You can turn off
	  this conversion by -C.

SEE ALSO

       nwclient(5), nprint(1), slist(1), ncpmount(8), ncpumount(8), pqlist(1), pqstat(1)

CREDITS

       pqrm was written by Petr Vandrovec (vandrove@vc.cvut.cz)

pqrm								    03/03/1998								   PQRM(1)
All times are GMT -4. The time now is 09:28 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy