Softpanorama (slightly skeptical) Open Source Software Educational Society

May the source be with you, but remember the KISS principle ;-) Softpanorama Search

Unix chpasswd

The chpasswd command administers users' passwords. The root user can supply or change users' passwords specified through standard input. Each line of input must be of the following format.

username:password

Only root users can set passwords with this command.

By default, the chpasswd command sets the ADMCHG flag for the users. The -f option may be used with other valid flags to override the default. The -c option clears all password flags.

The password field can be cleartext or a value encrypted with the crypt algorithm. The -e option indicates that passwords are of encrypted format. Please note that all passwords in a batch must conform to the same format.

-e Specifies that the passwords are of encrypted format.

-f flags Specifies the comma separated list of password flags to set. Valid flag values are: ADMIN, ADMCHG, and/or NOCHECK. Refer to the pwdadm command documentation for details about these values.

-R load_module Specifies the loadable I&A module used to change users' passwords.

Both AIX and linux have chpasswd by default. For Solaris and HP-UX you need to struggle. Also on Linux, passwd has a --stdin option that lets you supply the password via standard input.

For Solaris the primary option would be Staf Wagemakers chpasswd implementation Version 1.3.2 now includes Solaris binary of chpasswd which works on Solaris 9 and 10.

For HP-UX Bill Thompson script might be an option. See  'Re password setting through script....' - MARC

Old News ;-)

[Jan 24, 2008] freshmeat.net Project details for cgipaf

The package also contain Solaris binary of chpasswd clone, which is extremely useful for mass changes of passwords in mixed corporate environments which along with Linux and AIX (both have native chpasswd  implementation) include Solaris or other Unixes that does not have chpasswd utility (HP-UX is another example in this category).   Version 1.3.2 now includes Solaris binary of chpasswd which works on Solaris 9 and 10.

cgipaf is a combination of three CGI programs.

• passwd.cgi, which allow users to update their password,
• viewmailcfg.cgi, which allows users to view their current mail configuration,
• mailcfg.cgi, which updates the mail configuration.

All programs use PAM for user authentication. It is possible to run a script to update SAMBA passwords or NIS configuration when a password is changed. mailcfg.cgi creates a .procmailrc in the user's home directory. A user with too many invalid logins can be locked. The minimum and maximum UID can be set in the configuration file, so you can specify a range of UIDs that are allowed to use cgipaf.

[Jan 17, 2008] Staf Wagemakers chpasswd implementation (changepass)

I tested on Solaris 10 and 9. Works as expected.

changepass manpage

changepass − update an user’s password

changepass is a chpasswd clone, it might be useful on platforms that doesn’t have such a command like Solaris.
Most GNU/Linux distributions have chpasswd (8), on FreeBSD you can use "pw usermod name -h 0" but many commercial Un*ces doesn’t have tool like this. An alternative is to update the user’s password in script with usermod but it’s possible to see the encrypted password in the process list, which is not very secure.
changepass reads a list of user name and password pairs from stdin and updates the users passwords

Each line has format:

username:password

OPTIONS

-h,--help print this help
-n,--nopam don’t use pam
-p,--pam use pam (default)
-e,--encrypt password is already encrypted, this option will disable pam
-m,--md5 use md5 encryption, this option will disable pam
-v,--verbose enable verbose output

'Re password setting through script....' - MARC

> -----Original Message-----
> From: bill.thompson@GOODYEAR.COM [mailto:bill.thompson@GOODYEAR.COM]
> Sent: Friday, April 05, 2002 6:47 AM
> To: aix-l@Princeton.EDU
> Subject: Re: password setting through script....
>
>
> Saravanan,
>
> If you're talking strictly AIX boxes the freeware.aix.tools.rte lpp
> contains a program called chpass that allows this functionality.
>
> If you're attempting to do this on other flavors of UNIX, you
> can download
> and install expect on all the systems and write and expect script.
>
> Also, I've written a Perl script (no extra modules needed)
> that will change
> a password on AIX (tested through 4.3.3), HP-UX (tested
> through 11.11), and
> Solaris (tested through version 8). It allows you to specify
> a clear text
> or previously encrypted password and has the option to force
> the user to
> change their password at next loggin. Here's a portion of the
> usage screen:
>
> Usage: chpasswd [-e] [-f] username [password]
>
> PARAMETERS
>   -e         Do not encrypt password it's already encrypted
>                (default is to encrypt password)
>
>   -f         Force user to change password at next login (by default,
>              chpasswd will NOT require the user to change the password
>              at next login)
>
>   username   A string that identifies this user account on the system.
>
>   password   Password (in clear text unless -e was specified)
>
> I'd be happy to send you a copy if you're interested however the typical
> disclaimer applies - I cannot guarantee this will work for you and neither
> I nor my company can be held responsible for anything the script may do,
> blah, blah, blah.
>
> Bill Thompson
> Sr UNIX Systems Admin
> Goodyear Tire & Rubber Co
>
> Contains Confidential and/or Proprietary Information.
> May Not Be Copied or Disseminated  Without Express Consent of
> The Goodyear
> Tire & Rubber Company.
>
> AIX-L Archives: http://marc.theaimsgroup.com/?l=aix-l&r=1&w=2
 

setting a user passwd

------=_NextPart_000_0017_01C58E2E.B5569F80
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi, I am developing a program that sets passwd for any user but i dont =
want the operator sets the passwd. I want to give it as a result of a =
function

[victor [at] mail victor]$ perl passwd.pl victor1

#!/usr/bin/perl
$usuario=3D$ARGV[0];
$passwd=3D"PASSWDGENERATEBYOTHERFUNCTION"
`sudo /usr/sbin/useradd -c $usuario -s /sbin/nologin $usuario`;
`sudo /usr/bin/passwd $usuario`;

I could add the user, but in the set passwd line.
When I use this script always I have a prompt of password assigment that =
I dont want. Could you give me some light of what can I do?

Thanks in advance,

Victor

------=_NextPart_000_0017_01C58E2E.B5569F80--

Victor Pezo [ Fr, 22 Juli 2005 02:59 ] [ ID #891114 ]

RE: setting a user passwd Victor Pezo wrote:
> Hi, I am developing a program that sets passwd for any user but i
> dont want the operator sets the passwd. I want to give it as a result
> of a function
>
> [victor [at] mail victor]$ perl passwd.pl victor1
>
> #!/usr/bin/perl
> $usuario=$ARGV[0];
> $passwd="PASSWDGENERATEBYOTHERFUNCTION"
> `sudo /usr/sbin/useradd -c $usuario -s /sbin/nologin $usuario`;
> `sudo /usr/bin/passwd $usuario`;
>
> I could add the user, but in the set passwd line.
> When I use this script always I have a prompt of password assigment
> that I dont want. Could you give me some light of what can I do?

The classic answer to this is to use the Expect module, because passwd(1)
historically has read only from /dev/tty.

However, if you're on Linux, passwd(1) has a --stdin option that lets you
supply the password via standard input. So you could write something like
(untested):

system "echo \Q$passwd\E | sudo /usr/bin/passwd --stdin \Q$usario\E";

--
To unsubscribe, e-mail: beginners-unsubscribe [at] perl.org
For additional commands, e-mail: beginners-help [at] perl.org
<http://learn.perl.org/> <http://learn.perl.org/first-response>

[SUMMARY] non-interactive password changing

From: Wales Wong (wawong@ouhk.edu.hk)
Date: Mon Aug 11 1997 - 04:44:19 CDT

• Next message: Josh Kuperman: "Summary: identd and pidentd"
• Previous message: Marina Daniels: "SUMMARY 2: compiling INN1.5.1sec2 -"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Dear Managers,
 

Thanks for all the prompt response.
 

Original question:
> Because of the system migration, I have to create a lot of
> users. This can easily be done by using useradd. The accounts
> created by useradd are locked until passwd is called to change
> the password.
>
> Unfortunately, I can't find a non-interactive way to
> change the password. It's a pain if I have to change
> the password manually.
>
> Question:
> Is there any menthod that I can change the passwords of 300+ users with little pain?
 

Answers:
 

I received valuable help from:
Kumara Swamy-WIPRO-NA <mrk@india.ti.com>
Stefan Voss <s.voss@terradata.de>
Stephen Harris <sweh@mpn.com>
and those I haven't received yet.

With the help from one of my colleague, I solve my problem by
writing a simple expect script. The env variables UNAME and UPASS
carry the username and password respectively.

#!/usr/local/bin/expect -f
set username $env(UNAME)
set password $env(UPASS)
spawn passwd $username
expect "New password:"
send "$password\r"
expect "Re-enter new password:"
send "$password\r"
send "exit\r"
expect eof

Managing Passwords

Changing Passwords in a Batch

On a large system, there might be times when a large number of users and their passwords need some attention. The super user can change passwords in a batch by using the chpasswd command, which accepts input as a name/password pair per line in the following form:

$ sudo chpasswd username:password

Passwords can be changed en masse by redirecting a list of name and password pairs to the command. An appropriate shell script can be constructed with the information gleaned from Chapter 15.

However, Ubuntu also provides the newusers command to add users in a batch from a text file. This command also allows a user to be added to a group, and a new directory can be added for the user, too.

Hi Managers,

Here is the more compact version updated script . Thanks to "Andrew
Hall" for advising me to use case statement. This avoids using NFS mount.

#!/usr/bin/ksh -x
########################################################################
########
#Script Written on 27th June 05 .
#This script is used to change the root password of all unix hosts
#Make sure /usr/sysadm/scripts/minoti/all-hosts is updated with live
hosts before running this script
########################################################################
#######
 

for i in `cat /usr/sysadm/scripts/minoti/test-hosts`
do
OS=`remsh $i uname`
case $OS in
SunOS) rsh $i "rm /tmp/shad*"
        rsh $i "cp -p /etc/shadow /etc/shadow.2706"
        rsh $i "cat /etc/shadow|grep -v root>/tmp/shad1"
        rsh $i "echo "root:1EDHxu0aw6jRE:12958::::::">/tmp/shad2"
        rsh $i "cat /tmp/shad1>>/tmp/shad2"
        rsh $i "cp /tmp/shad2 /etc/shadow"
        rsh $i "/usr/sbin/pwconv"
        rsh $i "chown root:sys /etc/shadow"
        rsh $i "chmod 400 /etc/shadow"
;;
HP-UX) rsh $i "rm /tmp/shad*"
        rsh $i "rm /tmp/pass*"
        rsh $i "cp -p /etc/passwd /etc/passwd.2706"
        rsh $i "cat /etc/passwd|grep -v root>/tmp/shad1"
        rsh $i "echo "root:WkmiDJgfPbUB.:0:3::/:/sbin/sh">/tmp/shad2"
        rsh $i "cat /tmp/shad1>>/tmp/shad2"
        rsh $i "cp /tmp/shad2 /etc/passwd"
        rsh $i "chown root:other /etc/passwd"
        rsh $i "chmod 444 /etc/passwd"
;;
Linux) rsh $i "rm /tmp/shad*"
        rsh $i "cp -p /etc/shadow /etc/shadow.2706"
        rsh $i "cat /etc/shadow|grep -v root>/tmp/shad1"
        rsh $i "echo
'root:"$"1"$"hluzjp3u"$"bwx/ZLLAM4qANpMXTvBLz1:12961:0:99999:7:::'>/tmp/
shad2"
        rsh $i "cat /tmp/shad1>>/tmp/shad2"
        rsh $i "cp /tmp/shad2 /etc/shadow"
        rsh $i "/usr/sbin/pwconv"
        rsh $i "chown root:root /etc/shadow"
        rsh $i "chmod 400 /etc/shadow"
;;
IRIX*) rsh $i "rm /tmp/shad*"
        rsh $i "/sbin/cp -p /etc/shadow /etc/shadow.2706"
        rsh $i "/sbin/cat /etc/shadow|grep -v root>/tmp/shad1"
        rsh $i "/sbin/echo "root:kN6gTIyyu5foo:12958::::::">/tmp/shad2"
        rsh $i "/sbin/cat /tmp/shad1>>/tmp/shad2"
        rsh $i "/sbin/cp /tmp/shad2 /etc/shadow"
        rsh $i "/sbin/pwconv"
        rsh $i "chown root:sys /etc/shadow"
        rsh $i "chmod 400 /etc/shadow"
;;
*) echo "platform $OS not supported"
;;
esac
done
 

Regards
Minoti Koul
 

-----Original Message-----
From: Andrew Hall [mailto:halla3@corp.earthlink.net]
Sent: Friday, June 24, 2005 6:20 PM
To: Koul, Minoti
Subject: Re: SUMMARY: Script for changing the password
 

FYI,
 

If you want to only have one pass.sh script you could do this
 

#!/bin/sh
 

case $1 in $OS
    "HP-UX")
          hppass.sh contents here
          ;;
    "SunOS")
          sunpass.sh contents here
          ;;
       "IRIX64")
          sgipass.sh contents here
          ;;
       "Linux")
          linuxpass.sh contents here
          ;;
          *)
             echo "I don't know about $OS"
             exit 1
             ;;
esac

Basically you would have one script that is run on each machine and runs
the appropriate code based upon $OS. And to take it a step further, you
could change your "if [ $OS =" lines to a case statement. Just and FYI
hoping to help.

HTH,

Drew

Koul, Minoti wrote:
 

> Thanks for all the valuable replies I got .
>
>1.Anthony D'Atri [aad@verio.net]
>2.Tony van Lingen [tony.vanlingen@epa.qld.gov.au] 3.Tim Evans
>[tkevans@tkevans.com] 4.Polachak, Jason M CTR NAVSEA
>[jason.polachak.ctr@navy.mil#### Jason,Let me know if it helps
>5.JULIAN, JOHN C (AIT) [jj2195@sbc.com] 6.Andrew Hall
>[halla3@corp.earthlink.net] 7.Brad_Morrison@capgroup.com 8.David Ledger
 

>[dledger@ivdcs.co.uk] 9.Shaw, Kevin [Kevin.Shaw@CAX.USA.XEROX.COM]
>
>I should have mentioned in my original post that mine was hetrogeneous
>env. Solaris,HP-UX,AIX,SuSE,RedHat,SGI.....
>Lot of people recommended using expect but installing expect on all
>platforms was a huge effort.This is how I finally did (again a crude
>way as I had called in my original post)
>
>
>root@pnqccase2:>cat changepass.sh
>###################################################################
>
>#!/usr/bin/ksh -x
>for i in `cat /usr/sysadm/scripts/minoti/all-hosts` # 200 odd unix
>systems do OS=`remsh $i uname`
>
> if [ $OS = "HP-UX" ]
>then
> rsh $i "/u/koulmin/scripts/hppass.sh" #/u/koulmin is an
>automount
>fi
>
> if [ $OS = "SunOS" ]
>then
> rsh $i "/u/koulmin/scripts/sunpass.sh"
>fi
>
> if [ $OS = "IRIX64" ]
>then
> rsh $i "/u/koulmin/scripts/sgipass.sh"
>fi
>
> if [ $OS = "Linux" ]
>then
> rsh $i "/u/koulmin/scripts/linuxpass.sh"
>fi
>done
>#######################################################################
>#
>#####
>Here are the contents of /u/koulmin/scripts/sunpass.sh
>
>#/bin/ksh -x
>rm /tmp/shad*
>cp -p /etc/shadow /etc/shadow.2406
>cat /etc/shadow|grep -v root>/tmp/shad1 echo
>"root:1EDHxu0aw6jRE:12958::::::">/tmp/shad2 #encripted string of
>changed password.
>cat /tmp/shad1>>/tmp/shad2
>cp /tmp/shad2 /etc/shadow
>/usr/sbin/pwconv
>chown root:sys /etc/shadow
>chmod 400 /etc/shadow
>#######################################################################
>#
>########
>Here are the contents of /u/koulmin/scripts/hppass.sh Remember HP-UX
>does not maintain shadow file
>
>root@pnqccase2:>cat /u/koulmin/scripts/hppass.sh #/bin/ksh -x rm
>/tmp/shad* rm /tmp/pass* cp -p /etc/passwd /etc/passwd.2406 cat
>/etc/passwd|grep -v root>/tmp/shad1 echo
>"root:WkmiDJgfPbUB.:0:3::/:/sbin/sh">/tmp/shad2
>cat /tmp/shad1>>/tmp/shad2
>cp /tmp/shad2 /etc/passwd
>chown root:other /etc/passwd
>#######################################################################
>#
>#############
>And so on for all platforms
>
>Thanks once again to all who spared some time to share their valuable
>inputs.
>

>-----Original Message-----
>From: sunmanagers-bounces@sunmanagers.org
>[mailto:sunmanagers-bounces@sunmanagers.org] On Behalf Of Koul, Minoti
>Sent: Wednesday, June 22, 2005 11:03 AM
>To: sunmanagers@sunmanagers.org
>Subject: Script for changing the password
>
>Hi Managers,
>I am in a situation wherein I have to change root password of 100 odd
>unix boxes. I wanted to do the same via a script.
>
>I used to do it the crude way
>#!/bin/ksh -x
>cp -p /etc/shadow /etc/shadow.11
>cat /etc/shadow|grep -v root>/tmp/shad1 echo
>"root:O75xmUttfitCw:12794::::::">>/tmp/shad2 ## here I am echoing the
>encripted string for new password"
>cat /tmp/shad1>>/tmp/shad2
>cp /tmp/shad2 /etc/shadow
>/usr/sbin/pwconv
>chown root:sys /etc/shadow
>chmod 400 /etc/shadow
>
>I understand that we can input the new password via a script using !! .
>But have'nt been able to do this successfully.
>Can you please help out.

Re: Chpasswd Solution?: msg#00004

Subject: Re: Chpasswd Solution? List-id: Help list for people getting started with OpenSolaris <opensolaris-help.opensolaris.org>

* Matthew Alton <Simplicissimus-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> 
[2006-03-30 18:06]:
> Hiya folks,
> 
> I routinely use a utility called "chpasswd" on AIX and Red Hat Linux.
> I sure would like to use this utility on Solaris but it does not exist
> and I can't seem to find a reasonable alternative.  I'll write the
> danged thing if I have to.  Do I have to?  Enquiring minds want to
> know.
> 
> Here the spec.  Syntax: chpasswd [ -e | -h ].  Pretty simple stuff in
> theory.  The "e" switch tells the program that we are passing it an
> already encrypted password, so use it verbatim, otherwise we use
> crypt(3) on "password."  The "h" switch get you the usage blurb.  The
> program simply reads "username:password" pairs from stdin and changes
> the system password of "username" to "password" of all things.  The
> glory of the thing is that it is scriptable so you can do cute things
> like "cat foo.txt | chpasswd" and no, it won't work with "passwd"
> because that program makes sure you're not piping to it.  I'm truly
> not interested in PAM and NIS.  If I write this thing, it's going to
> lock and alter /etc/passwd and /etc/shadow and call it a day.  No root
> UID?  Whine & fail.  Frankly, I find PAM somewhat less than
> comprehensible.
> 
> I've found the "shadow" stuff and the CGIpaf and a few others.  These
> will provide reference material but not much else.  Is there a true
> chpasswd for Solaris?
> 
> I'm going to write the thing, amn't I?  Well, when I do, I'll post it
> here.  That'll do some good, right?

  As far as I know, we don't have chpasswd in OpenSolaris.  The
  PAM/passwd folks will definitely know--they will be listening in the
  Security community, if they aren't watching here.

  You can also submit a bug to the bug database, so that the whole
  community.  See

  http://bugs.opensolaris.org

  (You must be a registered user to submit a bug.)

  - Stephen

-- 
Stephen Hahn, PhD  Solaris Kernel Development, Sun Microsystems
stephen.hahn-xsfywfwIY+M@xxxxxxxxxxxxxxxx  http://blogs.sun.com/sch/

General Solaris 10 Discussion - chpasswd

chpasswd   
Jan 16, 2007 2:39 AM

 

Hi All

does sun have an equivalent to the chpasswd in linux?  mAbrante
Posts:1,595
Registered: 8/19/05

Re: chpasswd   
Jan 16, 2007 3:26 AM (reply 1 of 6)

Not as such (at least not that i know of). But its probably an quite easy script to write. As an alternative you can edit the /etc/passwd file manually or use usermod.

.7/M.

 samscreen
Posts:6
Registered: 2/13/05

Re: chpasswd   
Jan 17, 2007 12:43 AM (reply 2 of 6)

yip but with chpasswd you can use excel to import all the users names then put in a password and copy down for the 1000 users and run it through the command and all the passwords are changed.

really great when you are installing a system and have setup the users now have to setup a specific password for the users.

 mAbrante
Posts:1,595
Registered: 8/19/05

Re: chpasswd   
Jan 17, 2007 5:49 AM (reply 3 of 6)
Can't you just copy the passwd/shadow files from another system in that case? Or implement a namingservice.

.7/M.

 alan.pae
Posts:540
Registered: 9/6/06

Re: chpasswd   
Jan 17, 2007 1:50 PM (reply 4 of 6)

what does chpasswd do said the non lnux person.

alan

 mAbrante
Posts:1,595
Registered: 8/19/05

Re: chpasswd   
Jan 18, 2007 6:44 AM (reply 5 of 6)
Relevant question. A person i know who have a linux box sent me the following extract from the manpage.

NAME
chpasswd - update password file in batch

SYNOPSIS
chpasswd [-e]

DESCRIPTION
chpasswd reads a file of user name and password pairs from
standard input and uses this information to update a group
of existing users. Without the -e switch, the passwords
are expected to be cleartext. With the -e switch, the
passwords are expected to be in encrypted form. Each line
is of the format

user_name:password

The named user must exist. The supplied password will be
encrypted as necessary, and the password age updated, if
present.

This command is intended to be used in a large system
environment where many accounts are created at a single
time.
 

.7/M.

 alan.pae
Posts:540
Registered: 9/6/06

Re: chpasswd   
Jan 18, 2007 1:13 PM (reply 6 of 6)

I've never heard of anything like this for Solaris. Even a naming service doesn't fit the bill as they still require you to enter the passwords, clear text, by hand, and then they are converted to some hash.

You could try compiling chpasswd on Solaris, or if it's a script file, you could just try running the script. A test box would be great for this endeavor.

If not, then it sounds like you could write some code that parses a filenowadays.

Looks like you're going to need a coder for this one.

alan

Changes password for users.

chpasswd [ -R load_module ] [ -e ] [ -f flags | -c ]

The chpasswd command administers users' passwords. The root user can supply or change users' passwords specified through standard input. Each line of input must be of the following format.

username:password

Only root users can set passwords with this command.

By default, the chpasswd command sets the ADMCHG flag for the users. The -f option may be used with other valid flags to override the default. The -c option clears all password flags.

The password field can be cleartext or a value encrypted with the crypt algorithm. The -e option indicates that passwords are of encrypted format. Please note that all passwords in a batch must conform to the same format.

Flags

-c	Clears all password flags.
-e	Specifies that the passwords are of encrypted format.
-f flags	Specifies the comma separated list of password flags to set. Valid flag values are: ADMIN, ADMCHG, and/or NOCHECK. Refer to the pwdadm command documentation for details about these values.
-R load_module	Specifies the loadable I&A module used to change users' passwords.

Security

Access Control: Only root users should have execute (x) access to this command. The command should have the trusted computing base attribute.

Examples

1. To set passwords for users from the command line, type:

   chpasswd

   Followed by entering username:password pairs, one pair per line. Enter CTRL+D when finished.

   user1:passwd1
   user2:passwd2
   CTRL+D

2. To set passwords for users contained in a file named mypwdfile, type the following:

   cat mypwdfile | chpasswd
   

   Note that mypwdfile must contain username:password pairs; one pair per line. For example:

   user1:passwd1
   user2:passwd2
   ...
   

Files

Mode	File	Description
	/etc/user/bin/chpasswd	Location of the chpasswd command.
rw	/etc/passwd
rw	/etc/security/passwd
r	/etc/security/user

#!/usr/local/bin/expect -- # wrapper to make passwd(1) be non-interactive # username is passed as 1st arg, passwd as 2nd # Executable only by root set password [lindex $argv 1] spawn /usr/bin/passwd [lindex $argv 0] expect "password:" send "$password\r" expect "password:" send "$password\r" expect eof But when I run it, it still prompted the line "Retype new Unix password". How can I run it without the above line? Pls. recommend me Thank you so much

Have you looked at using usermod instead of passwd? Are you using passwd because this is a homework assignment? man usermod

#!/bin/bash
# Script to update user password in batch mode
# You must be a root user to use this script
# -------------------------------------------------------------------------
# Copyright (c) 2005 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# ----------------------------------------------------------------------
# /root is good place to store clear text password
FILE="/root/batch.passwd"

# get all non-root user account
# By default on most linux non-root uid starts
# from 1000
USERS=$(awk -F: '{ if ( $3 >1000 ) print $1}' /etc/passwd)

# create file with random password
echo "Generating file, please wait..."

# overwrite file
>$FILE

for u in $USERS
do
   p=$(pwgen -1 -n 8) # create random password
   echo "$u:$p" >> $FILE # save USERNAME:PASSWORD pair
done
echo ""
echo "Random password and username list stored in $FILE file"
echo "Review $FILE file, once satisfied execute command: "
echo "chpasswd < $FILE"

# Uncomment following line if you want immediately update all users password,
# be careful with this option, it is recommended that you review $FILE first
# chpasswd < $FILE
 

Recommended Links

---

In case of broken links please try to use Google search. If you find the page please notify us about new location

• AIX chpasswd manpage
• chpasswd - Linux Command - Unix Command
• chpasswd
• chpasswd(8)
• Linux Command Directory chpasswd - O'Reilly Media