9 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Hello Experts,
Need some direction on creating shell script for following environment:
We have about 20 people in the team working as Oracle DBA's (sysdba's and appdba's). Total Servers which is a mix of Unix and Linux are 200. We do not have Root user access on any of the servers and... (3 Replies)
Discussion started by: sha2402
3 Replies
2. Solaris
Hi,
we plan to purchase new sun solaris server M4000 for oracle erp as we have old servers we want to upgrade it with new servers and would like to know query related to it.
1)what is Operating system version will comes with new servers and bit size either 32 bit or 64 bit??
2)bit size... (2 Replies)
Discussion started by: maooah
2 Replies
3. Solaris
We are real strict when it comes to passwords. Every 60 days the admins have to change passwords on all of the accounts. And there is pretty strict enforcement of the type of passwords chosen. This is a tedious and monotonous job. Ww don't use NIS or LDAP, so this has to be done on each machine. ... (5 Replies)
Discussion started by: brownwrap
5 Replies
4. Shell Programming and Scripting
Hello,
We are running aix 5.3.
We're looking for a script that can change passwords, taking 2 arguments ( old password, new password ).
I am wondering if this can be done with a here document, or some generic scripting method.
Or, if I would have to download expect.
Alternatively I wonder... (3 Replies)
Discussion started by: fwellers
3 Replies
5. UNIX for Advanced & Expert Users
What is the best way to monitor who changes passwords, or what passwords get changed? Is there a way to send that over to Syslog?
An example would be someone logs in as themselves, changes to root (which I capture by loging auth and auth.info) and then changes a password.
Do I need to put an... (1 Reply)
Discussion started by: AW12
1 Replies
6. UNIX for Dummies Questions & Answers
Hi,
I'm looking to get hold of a sun machine capable of running Solaris 9 to help me learn unix. I've been advised to look on e-bay, but am not sure of what to look for.
The below seems quite good.....
http://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&category=1486&item=5707567514&rd=1
... (3 Replies)
Discussion started by: topcat8
3 Replies
7. Shell Programming and Scripting
Just wanted options of this - first 'real' Perl script and I'm not positive of all the quirks in Perl. Any suggestions are welcome.
Especially since I'm messing with /etc/shadow! Running Solaris 2.6, Perl 5.005.03
#!/u/bin/perl
#
# Change the user's old password to the new in /etc/shadow ... (3 Replies)
Discussion started by: thehoghunter
3 Replies
8. UNIX for Advanced & Expert Users
I am the administrator for a large network of HP/UX servers, about 100, this will be growing to over 200 in the next 18 months, part of my duties are to change the root passwords on these machines once month... which is a pain. I have written a script that will generate random passwords for me and... (3 Replies)
Discussion started by: PJolliffe
3 Replies
9. UNIX for Dummies Questions & Answers
Hello everyone let me start off by saying happy new year to all
I am new to this board.
I am running a multipurpose server (web/ftp/email) it runs apache 1.3.20 i think it is and Qmail
would I would like to do is find/create a script that will allow my users to change there unix password... (1 Reply)
Discussion started by: viperws
1 Replies
PWGEN(1) General Commands Manual PWGEN(1)
NAME
pwgen - generate pronounceable passwords
SYNOPSIS
pwgen [ OPTION ] [ pw_length ] [ num_pw ]
DESCRIPTION
The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memo-
rable passwords are never going to be as secure as completely completely random passwords. In particular, passwords generated by pwgen
without the -s option should not be used in places where the password could be attacked via an off-line brute-force attack. On the other
hand, completely randomly generated passwords have a tendency to be written down, and are subject to being compromised in that fashion.
The pwgen program is designed to be used both interactively, and in shell scripts. Hence, its default behavior differs depending on
whether the standard output is a tty device or a pipe to another program. Used interactively, pwgen will display a screenful of passwords,
allowing the user to pick a single password, and then quickly erase the screen. This prevents someone from being able to "shoulder surf"
the user's chosen password.
When standard output (stdout) is not a tty, pwgen will only generate one password, as this tends to be much more convenient for shell
scripts, and in order to be compatible with previous versions of this program.
In addition, for backwards compatibility reasons, when stdout is not a tty and secure password generation mode has not been requested,
pwgen will generate less secure passwords, as if the -0A options had been passed to it on the command line. This can be overriden using
the -nc options. In the future, the behavior when stdout is a tty may change, so shell scripts using pwgen should explicitly specify the
-nc or -0A options. The latter is not recommended for security reasons, since such passwords are far too easy to guess.
OPTIONS
-0, --no-numerals
Don't include numbers in the generated passwords.
-1 Print the generated passwords one per line.
-A, --no-capitalize
Don't bother to include any capital letters in the generated passwords.
-a, --alt-phonics
This option doesn't do anything special; it is present only for backwards compatibility.
-B, --ambiguous
Don't use characters that could be confused by the user when printed, such as 'l' and '1', or '0' or 'O'. This reduces the number
of possible passwords significantly, and as such reduces the quality of the passwords. It may be useful for users who have bad
vision, but in general use of this option is not recommended.
-c, --capitalize
Include at least one capital letter in the password. This is the default if the standard output is a tty device.
-C Print the generated passwords in columns. This is the default if the standard output is a tty device.
-N, --num-passwords=num
Generate num passwords. This defaults to a screenful if passwords are printed by columns, and one password.
-n, --numerals
Include at least one number in the password. This is the default if the standard output is a tty device.
-H, --sha1=/path/to/file[#seed]
Will use the sha1's hash of given file and the optional seed to create password. It will allow you to compute the same password
later, if you remember the file, seed, and pwgen's options used. ie: pwgen -H ~/your_favorite.mp3#your@email.com gives a list of
possibles passwords for your pop3 account, and you can ask this list again and again.
WARNING: The passwords generated using this option are not very random. If you use this option, make sure the attacker can not
obtain a copy of the file. Also, note that the name of the file may be easily available from the ~/.history or ~/.bash_history
file.
-h, --help
Print a help message.
-s, --secure
Generate completely random, hard-to-memorize passwords. These should only be used for machine passwords, since otherwise it's
almost guaranteed that users will simply write the password on a piece of paper taped to the monitor...
-v, --no-vowels
Generate random passwords that do not contain vowels or numbers that might be mistaken for vowels. It provides less secure pass-
words to allow system administrators to not have to worry with random passwords accidentally contain offensive substrings.
-y, --symbols
Include at least one special character in the password.
AUTHOR
This version of pwgen was written by Theodore Ts'o <tytso@alum.mit.edu>. It is modelled after a program originally written by Brandon S.
Allbery, and then later extensively modified by Olaf Titz, Jim Lynch, and others. It was rewritten from scratch by Theodore Ts'o because
the original program was somewhat of a hack, and thus hard to maintain, and because the licensing status of the program was unclear.
SEE ALSO
passwd(1)
pwgen version 2.05 January 2006 PWGEN(1)