cbishop
18-04-2005 09:44:24
does anyone have any hints on scripting a largescale password
change (400 users), given a textfile with "user, pass" ???
i've already got one that uses the builtin solaris command "passwd"
along with "expect", but it takes a couple of hours to complete.
i'm hoping to find or write something that just takes the textfile, and
spits out the salted md5 hash to a new shadow file.
robertngreen
18-04-2005 12:12:16
I would check your passwd command. Under linux there is a --stdin option that will take the password from standard in (either a redirection or a pipe). Couple that with some perl/python/shell scripting and that should take care of everything. I have had to do this a couple of times in the past and that is the best way I can think of.
Anonymous
18-04-2005 14:07:53
i wish it were that easy. i can't find any such option in solaris.
wolfie
18-04-2005 20:20:17
You might want to look at perl and the Expect module, this will suffice.
cbishop
19-04-2005 08:33:16
robert,
i found "openssl passwd" which has the option you're talking
about. it also has the option to choose a salt and pass and it
will spit out a hash for you.
mybox$ openssl passwd -salt ff foo
ffTU0fyIP09Z.
mybox$ openssl passwd -salt gg foo
ggRhFaX7IcTzI
mybox$ openssl passwd -1 -salt gg foo
$1$gg$xsCQLUJWvoFgsdwBtypo.1
mybox$ openssl passwd -1 -salt ff foo
$1$ff$xvhiu9sQdaJZUFdJDyyg/1
thanks for your help
robertngreen
20-04-2005 13:09:13
I know the linux passwd with that option will also change the passwd/shadow for you.
At least you found a solution that will work.
Anonymous
20-04-2005 15:23:17
also, ferralis on the okc2600 board turned me on to
the perl crypt function which works even better, and
integrates more easily than calls to system progs.
looks like
$encryptedpass=crypt($salt,$plaintext);
robertngreen
25-04-2005 13:52:50
That works but doesn't generate SHA1 or MD5 passwords that are used in the current linux shadow format or is seems for solaris.