Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

It is currently Fri Dec 01, 2023 2:32 am

Message body:
Enter your message here, it may contain no more than 60000 characters. 

:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:
Font size:
Font colour
BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON
Disable BBCode
Disable smilies
Do not automatically parse URLs
Confirmation code
Confirmation code:
In an effort to prevent automatic submissions, we require that you enter both of the words displayed into the text field underneath.

Topic review - Linux change the password with output from echo command (standard input)
Author Message
Post subject: Linux change the password with output from echo command (standard input)  |  Post Posted: Thu Jan 14, 2010 5:58 pm
In Linux it is possible to change a user's password with the ouput of an echo command, coming from standard input, via pipe.
       passwd - update a user’s authentication tokens(s)

       passwd  [-k]  [-l] [-u [-f]] [-d] [-n mindays] [-x maxdays] [-w warndays] [-i inactivedays] [-S] [--stdin] [user-

       Passwd is used to update a user’s authentication token(s).

       Passwd is configured to work through the Linux-PAM API.  Essentially, it initializes itself as a "passwd" service
       with Linux-PAM and utilizes configured password modules to authenticate and then update a user’s password.

       A simple entry in the Linux-PAM configuration file for this service would be:

        # passwd service entry that does strength checking of
        # a proposed password before updating it.
        passwd password requisite \
                    /usr/lib/security/ retry=3
        passwd password required \
                    /usr/lib/security/ use_authtok

       Note, other module-types are not required for this application to function correctly.

       -k     The  option,  -k,  is  used  to  indicate that the update should only be for expired authentication tokens
              (passwords); the user wishes to keep their non-expired tokens as before.

       -l     This option is used to lock the specified account and it is available to root only. The  locking  is  per-
              formed  by rendering the encrypted password into an invalid string (by prefixing the encrypted string with
              an !).

              This option is used to indicate that passwd should read the new password from standard input, which can be
              a pipe.

Example of reading password from standard input:
# echo '123456789' | passwd --stdin tuser
Changing password for user tuser.
passwd: all authentication tokens updated successfully.

Above, user tuser's password was changed to '123456789'.
Jump to:  
News News Site map Site map SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list

Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]