Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

Linux change the password with output from echo command (standard input)
Page 1 of 1

Author:  debuser [ Thu Jan 14, 2010 5:58 pm ]
Post subject:  Linux change the password with output from echo command (standard input)

In Linux it is possible to change a user's password with the ouput of an echo command, coming from standard input, via pipe.
       passwd - update a user’s authentication tokens(s)

       passwd  [-k]  [-l] [-u [-f]] [-d] [-n mindays] [-x maxdays] [-w warndays] [-i inactivedays] [-S] [--stdin] [user-

       Passwd is used to update a user’s authentication token(s).

       Passwd is configured to work through the Linux-PAM API.  Essentially, it initializes itself as a "passwd" service
       with Linux-PAM and utilizes configured password modules to authenticate and then update a user’s password.

       A simple entry in the Linux-PAM configuration file for this service would be:

        # passwd service entry that does strength checking of
        # a proposed password before updating it.
        passwd password requisite \
                    /usr/lib/security/ retry=3
        passwd password required \
                    /usr/lib/security/ use_authtok

       Note, other module-types are not required for this application to function correctly.

       -k     The  option,  -k,  is  used  to  indicate that the update should only be for expired authentication tokens
              (passwords); the user wishes to keep their non-expired tokens as before.

       -l     This option is used to lock the specified account and it is available to root only. The  locking  is  per-
              formed  by rendering the encrypted password into an invalid string (by prefixing the encrypted string with
              an !).

              This option is used to indicate that passwd should read the new password from standard input, which can be
              a pipe.

Example of reading password from standard input:
# echo '123456789' | passwd --stdin tuser
Changing password for user tuser.
passwd: all authentication tokens updated successfully.

Above, user tuser's password was changed to '123456789'.

Page 1 of 1 All times are UTC - 5 hours [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group