Re: Automatic password changing
With all this automatic password changing stuff, and people making little
perl progs and stuff to do it and all, wouldn't it be easier to just
use "usermod" to change the password (it can do that, you supply the
password on the command line in encrypted form).
usermod -p encryptedpasswd root
You could use mkpasswd to make the encrypted password. I believe that
mkpasswd is in the "whois" package (Debian 2.2)
Regards,
Robert Davidson.
On Wed, Mar 22, 2000 at 11:59:00AM +0100, Neil D. Roberts wrote:
> Gee, thanks, I´m on my way :) Tell how things work out. . . . .
>
> Tim Haynes wrote:
>
> > On Wed, Mar 22, 2000 at 11:33:04AM +0100, Neil D. Roberts wrote:
> > > Thanks Tim ! :)
> > >
> > > So this line changes the root password ? Ok, the password has a nice length,
> > > with upper and lower case, numbers and a couple simbols. Pretty solid ?
> >
> > Good, way to go.
> >
> > > Anyway, so what does
> > perl -npi.bak -e 's/^root:[^:]*:/root:pants/o' /etc/shadow
> > > actually do, does it create a file, or is it this which appears in the cron
> > > ? Sorry for the questions, I´m not quite iniciated in perl yet. So, if this
> > > does create a file, what would I find in, say, cron.daily ? Thanks a lot
> > > for this information.
> >
> > Rightyho, it's like this:
> > perl : wonder-command ;)
> > -n : for each line of input, do the executable program
> > -p : print lines
> > -i : do inline editing of a file, in this case also taking a .bak
> > copy first
> > -e : the program to be executed, see -n.
> > s/// : a regexp-based search & replace just like vi/vim/sed/perl.
> > /o: only compile the regexp once, for speed (hic!).
> >
> > The regexp is chosen to match exactly that line (should really only be one
> > although it'll work for all lines) that start "root:" and it replaces the next
> > colon-separated "word" with "pants", ie the encrypted root password.
> >
> > So to implement this,
> > * su - root # or use sudo, it's cuter
> > * do a passwd root NOW to your funky new passwd
> > * take a look at /etc/shadow and isolate the encrypted password that
> > 'passwd' generated.
> > * create a shell script eg /usr/local/sbin/fixpw.sh that looks like
> > #!/bin/sh
> >
> > perl -npi.bak -e ..... yadda
> >
> > * chmod 700 /usr/local/sbin/fixpw.sh # important!!
> > * crontab -e
> > * put a line like
> > 0 * * * * /usr/local/sbin/fixpw.sh
> > in the crontab file and away you go!
> >
> > HTH :)
> >
> > ~Tim
> > --
> > | Geek Code: GCS dpu s-:+ a-- C++++ UBLUAVHSC++++ P+++ L++ E--- W+++(--) N++
> > | w--- O- M-- V-- PS PGP++ t--- X+(-) b D+ G e++(*) h++(*) r--- y-
> > | The sun is melting over the hills, | http://piglet.is.dreaming.org/
> > | All our roads are waiting / To be revealed | piglet@glutinous.custard.org
>
> --
> -------------------------------------------------------------
> Neil D. Roberts ; Administrador De Sistemas; <neil@lander.es>
> Lander World Communications Server S.L. / Integra España S.A.
> Calle Rufino Gonzalez, Nº15 - 4ª Planta, Madrid, España 28037
> Telefonos : 917.897.710 ; 902.363.363 Fax : 913.042.044
> Mensatel Beeper: Nº 940.331.331 ; Codigo Del Cliente : #NR10
> PGP Print: 6228 6EEE C604 431A 70A9 84B7 E327 9CAF E59A 2709
> -------------------------------------------------------------
>
>
> Drive A: not responding.. .Formating C: instead
>
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: