Shell script to change password of one user on 100+ servers

Hi everybody,
I am working at a place that has 100+ servers running Red Hat Linux and Solaris 10. I need a shell script that I can use to change my password on all the servers (though if it needs to be different for Linux and Soalris that is ok). I am new to shell scripting, only understand the basics. We have no centralized password management. Any help would be greatly appreciated.
goddessofcodeAsked:
Who is Participating?
 
parparovCommented:
LDAP or NIS are the way to maintain single users on multiple servers indeed.
You cannot automate password entry in Solaris in any way, since its usermod does not accept password argument unlike the Linux one.

A circumvention of this is Unix::PasswdFile module of perl (which will have to be installed on each destination machine).
0
 
jgiordanoCommented:
Do you have a tool that can be run on all one hundred servers?

0
 
omarfaridCommented:
you may try combination on ssh and expect to do so. But, are the passwords are the same on all servers?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
goddessofcodeAuthor Commented:
We don't have any tools yet. We only have ssh available to us. The passwords are all the same on the servers right now so if I put the old password into the script it would be ok.
0
 
goddessofcodeAuthor Commented:
These are all using "expect." It looks like it is something that I would have to install. Does it just get installed on the source server (the one I am changing passwords from) or does it have to be installed on all of them?
0
 
omarfaridCommented:
yes, if you don't have it already installed then you need to install it. What is the platform you use?
0
 
goddessofcodeAuthor Commented:
The source server would be Red Hat, I believe its 5.4. The target systems would be 4.x, 5.x, 6.x and Solaris 9, 10.
0
 
parparovCommented:
Expect only needs to be installed on the management server (source).
Expect is a scripting wrapper for shell commands sequences.

Can you use ssh key identification in the future?
0
 
goddessofcodeAuthor Commented:
We do use SSH keys, but if I need to elevate my rights with sudo I still need the password. It can be very difficult to get approval to install anything, so I am not sure that I will be able to get permission to install expect. Is there a way to do it from a shell script run from a server that has access to all the servers in question without expect, or is that the only way? (I am so looking forward to Red Hat Directory Server! lol)
0
 
omarfaridCommented:
I think expect should be the way to do it especially on solaris, you can not pass password to passwd command as a parameter nor you can do stdin redirect. Installing expect should not be difficult and your system admin should be understanding the need.

Having ldap for centralizing users management is good idea.
0
 
parparovCommented:
Actually, to change passwords in Linux in batch, you also need root, so I guess you can't get w/o Expect there too.

0
 
goddessofcodeAuthor Commented:
Yeah we are looking at LDAP (Red Hat Directory Server). It will be able to handle Linux and Solaris, I mainly was hoping to find something that would work in the meantime.
@omarfarid - I actually AM the system administrator. We have very strict limitations on what can and can't be installed. So when I said it would be difficult to get approval, I meant that it would be difficult to get approval based on my experience. Everything has to go through committee. I will just have to continue to do things the old fashioned way for now I guess.
0
 
woolmilkporcCommented:
Linux has chpasswd (I think Solaris has it too).

The format is

echo user:pass | chpasswd

while read hostname; do
 ssh -n root@$hostname 'echo user:pass | chpasswd'
done < /path/to/hostname_list


0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.