Set password script (259 Views)
Reply
Regular Advisor
Mike Keys
Posts: 170
Registered: ‎10-17-2002
Message 1 of 6 (259 Views)
Accepted Solution

Set password script

This has probably been answered more than once.

I do not wish to install "expect" to do this. I am looking for perl code to set a user's password to some pre-determined inital value, wehreby the user will have to change their password the first time they login after that.
Please use plain text.
Acclaimed Contributor
A. Clay Stephenson
Posts: 17,825
Registered: ‎07-16-1998
Message 2 of 6 (259 Views)

Re: Set password script

Perl has the crypt() function to create the passwd hash. A system command to invoke passwd -f user will expire the passwd; you can build the passwd -f user comand up with an sprintf.
If it ain't broke, I can fix that.
Please use plain text.
Honored Contributor
Mel Burslan
Posts: 3,213
Registered: ‎08-26-1998
Message 3 of 6 (259 Views)

Re: Set password script

or if you are planning to use the same password over and over again and you have it in the encrypted form already, you can use this utility that sam uses as follows:

/usr/sam/lbin/usermod.sam -p "Dx3zsaXO3q22." username

I don't think any portion needs any explanation on this command.

________________________________
UNIX because I majored in cryptology...
Please use plain text.
Frequent Advisor
Tom Schroll
Posts: 38
Registered: ‎11-07-2003
Message 4 of 6 (259 Views)

Re: Set password script


I tried several different iterations of piping, reading from stdin, and other hacks to see if I could pump data into the passwd command itself. But I firmly believe that the passwd command attempts to open the tty directly somehow using the tty driver (doesn't use stdin when reading a password from the user). I even tried to fake it out by putting it in a tty-less environment while using stdin to feed data to passwd. The passwd command still refused to read from a pipe or from any specific file descriptor. Therefore, it appears that the best solution would be to generate a predefined hash (and possibly use the usermod.sam utility to plug it in to the password file). I tested the usermod.sam command on both a trusted and a non-trusted system and it seems to work in both cases. Note that the hash format (including the strings which control aging and expiration in the hash) are pretty well documented in the passwd(4) man page.

-- Tom
If it ain't broke, it needs optimized.
Please use plain text.
Respected Contributor
generic_1
Posts: 533
Registered: ‎10-09-2002
Message 5 of 6 (259 Views)

Re: Set password script

I just posted the answer in your other post it works for trusted and untrusted.
You can use crypt to generate the password
or you can clip a default one thats incrypted out of the password or trusted /tcb/ directory files.
If you use a default one though make sure you run an extra command to force the users to change it.
Please use plain text.
Respected Contributor
generic_1
Posts: 533
Registered: ‎10-09-2002
Message 6 of 6 (259 Views)

Re: Set password script

Note password is the password and 1b is the salt
echo "password1b" |/usr/lib/makekey
supbstitute the output into the usermodsam command and you can automate the whole thing :).

Note to use 8 char password 2 char salt when doing this.


Points are welcome
Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation