Home Knowledge Base Linux Tips How to: Mass password changes in linux

How to: Mass password changes in linux

 

Sometimes it is needed to change passwords accross many linux servers. To solve this problem we can employ custom shell scripting.

Tested with Linux Fedora 8,9,10.

  1. Prerequisite:
    • You must be able to login to any of your linux servers using public key authentication from your central management host
    • You must use "root" account. Ex: ssh root@192.168.1.1
  2. Create file called "masspasswordchange"
  3. Apply ACL. "chmod 700 masspasswordchange"
  4. vi masspasswordchange
#!/bin/bash
command='/root/new_password';
removecommand='rm new_password';
list='192.168.1.1 192.168.1.2';
for host in $list;
do
echo "Starting" $host;
scp new_password root@${host}:new_password
ssh root@${host} ${command}
ssh root@${host} ${removecommand}
done
exit 0

Note that list variable contains ip addresses of the destination hosts. So when we change password, we change it on 192.168.1.1 and 192.168.1.2. You will need to change list to match your needs. Remeber that names or ip addresses need to be delimetered by spaces.

  1. Create file called "new_password"
  2. Apply ACL. "chmod 700 new_password"
  3. vi new_password
#!/bin/bash
echo "Changing passwords on" $HOSTNAME"...";
echo "Setting password for root, mazu and secure"
PASSWD='sadasdasdqc$kdjkjfklsdklfdsklfjsdlfjsdklf/'
# save a copy of the original and use it as the nawk input file
cp -p /etc/shadow /etc/shadow.orig
awk -F: '{
        if ( $1 == "root" || $1 == "mazu" || $1 == "secure")
                printf"%s:%s:%s:%s:%s:%s:%s:%s:%s\n",$1,passwd,$3,$4,$5,$6,$7,$8,$9
        else
                printf"%s:%s:%s:%s:%s:%s:%s:%s:%s\n",$1,$2,$3,$4,$5,$6,$7,$8,$9
        }' passwd="$PASSWD" /etc/shadow.orig > /etc/shadow
echo "Password for root, mazu or secure set on `hostname`";
#

Note that you will need to modify PASSWD variable. You should input password hash. In new_password script we modify passwords for user root, mazu, and secure.

To change passwords on all the systems at once issue the following command on the central management server:

./masspasswordchange

Done.

 

Search

Moving your apps to Amazon or Miscrosoft Clouds?

We can help you analyze your existing infrastructure, identify the cost savings we can achieve by migrating to a cloud provider. We can then execute end-to-end migration plan of your infrastructure and bringing down your TCO.

Cloud Computing

Ready for IPv6 Migration?

The Internet is running out of the equivalent of phone numbers - familiar problem, non-trivial solution.

The world has to move to IPv6, with its 128-bit addresses. But that's easier said than done.

IPv6 Migration

Are you fluent in "Linux"?

Learn Linux from a leading expert and quickly master you Linux skills.

Learn how to simplify your workflow and increase your productivity using tips and techniques of the pros.

Ideal training for Corporate IT Beginners and Advanced IT Admins alike.

Corporate Linux Training

Who's Online

We have 9 guests and no members online