[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 395
  • Last Modified:

Shell script to change password of one user on 100+ servers

Hi everybody,
I am working at a place that has 100+ servers running Red Hat Linux and Solaris 10. I need a shell script that I can use to change my password on all the servers (though if it needs to be different for Linux and Soalris that is ok). I am new to shell scripting, only understand the basics. We have no centralized password management. Any help would be greatly appreciated.
0
goddessofcode
Asked:
goddessofcode
  • 5
  • 4
  • 3
  • +2
2 Solutions
 
jgiordanoCommented:
Do you have a tool that can be run on all one hundred servers?

0
 
omarfaridCommented:
you may try combination on ssh and expect to do so. But, are the passwords are the same on all servers?
0
 
goddessofcodeAuthor Commented:
We don't have any tools yet. We only have ssh available to us. The passwords are all the same on the servers right now so if I put the old password into the script it would be ok.
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
goddessofcodeAuthor Commented:
These are all using "expect." It looks like it is something that I would have to install. Does it just get installed on the source server (the one I am changing passwords from) or does it have to be installed on all of them?
0
 
omarfaridCommented:
yes, if you don't have it already installed then you need to install it. What is the platform you use?
0
 
goddessofcodeAuthor Commented:
The source server would be Red Hat, I believe its 5.4. The target systems would be 4.x, 5.x, 6.x and Solaris 9, 10.
0
 
parparovCommented:
Expect only needs to be installed on the management server (source).
Expect is a scripting wrapper for shell commands sequences.

Can you use ssh key identification in the future?
0
 
goddessofcodeAuthor Commented:
We do use SSH keys, but if I need to elevate my rights with sudo I still need the password. It can be very difficult to get approval to install anything, so I am not sure that I will be able to get permission to install expect. Is there a way to do it from a shell script run from a server that has access to all the servers in question without expect, or is that the only way? (I am so looking forward to Red Hat Directory Server! lol)
0
 
omarfaridCommented:
I think expect should be the way to do it especially on solaris, you can not pass password to passwd command as a parameter nor you can do stdin redirect. Installing expect should not be difficult and your system admin should be understanding the need.

Having ldap for centralizing users management is good idea.
0
 
parparovCommented:
LDAP or NIS are the way to maintain single users on multiple servers indeed.
You cannot automate password entry in Solaris in any way, since its usermod does not accept password argument unlike the Linux one.

A circumvention of this is Unix::PasswdFile module of perl (which will have to be installed on each destination machine).
0
 
parparovCommented:
Actually, to change passwords in Linux in batch, you also need root, so I guess you can't get w/o Expect there too.

0
 
goddessofcodeAuthor Commented:
Yeah we are looking at LDAP (Red Hat Directory Server). It will be able to handle Linux and Solaris, I mainly was hoping to find something that would work in the meantime.
@omarfarid - I actually AM the system administrator. We have very strict limitations on what can and can't be installed. So when I said it would be difficult to get approval, I meant that it would be difficult to get approval based on my experience. Everything has to go through committee. I will just have to continue to do things the old fashioned way for now I guess.
0
 
woolmilkporcCommented:
Linux has chpasswd (I think Solaris has it too).

The format is

echo user:pass | chpasswd

while read hostname; do
 ssh -n root@$hostname 'echo user:pass | chpasswd'
done < /path/to/hostname_list


0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 5
  • 4
  • 3
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now