[olug] remote password changes
unfies at gmail.com
Wed May 31 17:04:29 UTC 2006
not overly secure, but you can either have a sudo account that you log
into... and have your ssh connection spawn a password change script... ie:
ssh passchangeuser at host password_change.sh targetuser targetpassword
Where password_change.sh is a front end to passwd.
Naturually, if you're concerned about `ps aux` on either server (ppl seeing
the running processes), you'll need to have some kind of
encryption+ascii_conversion package for the "targetpassword" parameter
(rather than passing the plain text). A simple and not so effective example
would be to pass it through rot13 on both ends.
Another option is to do an scp to passchangeuser's account that puts a file
(say, that's named targetuser and contains the new password inside) in a
special directory (/home/passchangeuser/newinfo ?) and a cron task that
constantly looks for new files in that directory and does the passwd command
to change things as appropriate. This way the user's password isn't
transfered plain text and you don't have to worry about `ps aux` people.
No script examples in this email, kinda too busy to actually go about a full
On 5/31/06, webtrekker at cox.net <webtrekker at cox.net > wrote:
> Hi All,
> I am trying to write a script that will reference a list of machine names
> and then connect to each one through ssh to change a users password.
> SSH can connect to each server without prompting for a password
> I am not a very good script writer, so any help would be greatly
> OLUG mailing list
> OLUG at olug.org
More information about the OLUG