Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Script to change password on linux servers over ssh

Tags:

We have a number of Red Hat linux servers in our IT environment. I am being asked by my team members to write a script (preferably shell script) to change a user's password on each one of those in a single go, using SSH.

I have tried to find a solution but many of the scripts I found are using Expect. We do not have Expect installed on our servers and the system admins have refused to let us install it. Also, the users do not have root access so passwd --stdin or chpasswd cannot be used.

Is there any way a script can be written so that a user can run it and change the password of only his own user on all the servers in a list?

like image 714
squashbuff Avatar asked Nov 23 '11 02:11

squashbuff


People also ask

How do I change the root password in shell script?

Type the command 'passwd' and press 'Enter. ' You should then see the message: 'Changing password for user root. ' Enter the new password when prompted and re-enter it at the prompt 'Retype new password.

How do I force a user to change password on Linux login?

Using passwd command The -e option expires the current user password forcing user to set a new one on next login. From the man page of passwd command : -e This is a quick way to expire a password for an account. The user will be forced to change the password during the next login attempt.

What is the UNIX Linux command used to change a user's password?

The passwd command changes passwords for user accounts. A normal user may only change the password for their own account, while the superuser may change the password for any account. passwd also changes the account or associated password validity period.


1 Answers

The remote machine(s) do not need expect installed. You can install expect on a local workstation or VM (virtualbox) or whichever *nix box, and write a wrapper that calls this .ex (expect) script (there may be small changes from distro to distro, this tested on CentOS 5/6):

#!/usr/bin/expect -f
# wrapper to make passwd(1) be non-interactive
# username is passed as 1st arg, passwd as 2nd

set username [lindex $argv 0]
set password [lindex $argv 1]
set serverid [lindex $argv 2]
set newpassword [lindex $argv 3]

spawn ssh $serverid passwd
expect "assword:"
send "$password\r"
expect "UNIX password:"
send "$password\r"
expect "password:"
send "$newpassword\r"
expect "password:"
send "$newpassword\r"
expect eof
like image 106
Randy Katz Avatar answered Oct 11 '22 23:10

Randy Katz