Change password shell script

by on April 10, 2008 · 17 comments

  1. #!/usr/local/bin/expect -f
  2. # Password change shell script, tested on Linux and FreeBSD
  3. # ----------------------------------
  4. # It need expect tool. If you are using Linux use following command
  5. # to install expect
  6. # apt-get install expect
  7. # FreeBSD user can use ports or following command:
  8. # pkg_add -r -v expect
  9. # ----------------------------------
  10. # If you are using linux change first line
  11. # From:
  12. #!/usr/local/bin/expect -f
  13. # To:
  14. #!/usr/bin/expect -f
  15. # -----------------------------------------------
  16. # Copyright (c) 2006 nixCraft project
  17. # This script is licensed under GNU GPL version 2.0 or above
  18. # -------------------------------------------------------------------------
  19. # This script is part of nixCraft shell script collection (NSSC)
  20. # Visit http://bash.cyberciti.biz/ for more information.
  21. # -------------------------------------------------------------------------
  22. # display usage
  23. if {$argc!=2} {
  24. send_user "usage: $argv0 username password \n"
  25. exit
  26. }
  27. # script must be run by root user
  28. set whoami [exec id -u]
  29. if {$whoami!=0} {
  30. send_user "You must be a root user to run this script\n"
  31. exit
  32. }
  33. #
  34. set timeout -1
  35. match_max 100000
  36. # stopre password
  37. set password [lindex $argv 1]
  38. # username
  39. set user [lindex $argv 0]
  40. # opem shell
  41. spawn $env(SHELL)
  42. # send passwd command
  43. send -- "passwd $user\r"
  44. expect "assword:"
  45. send "$password\r"
  46. expect "assword:"
  47. send "$password\r"
  48. send "\r"
  49. expect eof


4000+ howtos and counting! If you enjoyed this article, join 45000+ others and get free email updates!

Click here to subscribe via email.

  • Tamilan

    Long story short.

    echo $password | /usr/bin/passwd –stdin user1

  • mi6oo2

    Um, yea Tamilan – that doesn’t actually work. Did you try it yourself? All it does on my machine is remove a shell from the test user and not change the password.
    The problem I’m running into with the above script is that it isn’t properly returning to the cli when done. In fact it is a pain in the ass to run within another script.

  • goteguru

    chpasswd is your friend:
    echo username:password | chpasswd

    You can even do
    cat passlist.txt | chpasswd
    where passlist.txt is a newline delimited list of username:password pairs.

  • Fred

    All of these are bad ideas. You do not want your password being processed via the shell. Most shells keep a history file of commands executed – and this will show up in them. In general, you do not want your password saved in cleartext anywhere, regardless of file system controls.

  • Vlad (Small Business Blog)

    Fred,
    so executing history -c at the end would not help? Checked on my machine and it works.

  • Obxnux

    Hi, I would like to know how can I make a script for change root password using crontab. Thank you

  • Luke

    Ok, I’m trying to create a script that crontab will run every day that changes root pass to a random 20 digit string. (obxnux, I think we’re wanting something similar) I have tried chpasswd, but it doesn’t work, sets root pwd to nill. (don’t worry, I’ve rectified that before this post) My script’s at the end, what am I doing wrong??

    #!/bin/bash
    iam=$(whoami)
    pass=> /root/pass
    cat /root/pass | chpasswd
    rm -f /root/pass
    else
    sudo echo root:$pass >> /root/pass
    sudo cat /root/pass | chpasswd
    sudo rm -f /root/pass
    fi
    exit 0 #the only way you should ever exit script

  • Luke

    THAT is not my script?? Lemme try again…

    #!/bin/bash
    iam=$(whoami)
    pass=> /root/pass
    cat /root/pass | chpasswd
    rm -f /root/pass
    else
    sudo echo root:$pass >> /root/pass
    sudo cat /root/pass | chpasswd
    sudo rm -f /root/pass
    fi
    exit 0

  • Luke

    I’m begining to think there’s something wrong here, under the “iam” line is supposed to be one that assigns a random 20 digit phrase to $pass?? why won’t it post correctly?
    #!/bin/bash
    iam=$(whoami)
    pass=> /root/pass
    cat /root/pass | chpasswd
    rm -f /root/pass
    else
    sudo echo root:$pass >> /root/pass
    sudo cat /root/pass | chpasswd
    sudo rm -f /root/pass
    fi
    exit 0

  • rogi

    Without „set timeout -1“ this script working well, you have just to wait some seconds.

  • f varas

    Thanks!!
    Worked for me.

  • Leonardo

    chage -d 1 user_name —> with this you need to change your password every day force by the root-

  • text

    THANKS ! WORKS HERE 2

  • Mark

    Epic Win!!!
    Works here 3
    Thanx

  • Frank

    The password command doesn’t store the information in clear text. Running a history command will not return with:

    17: passwd 123456

    The user can’t even see if they’re typing in the password correctly so really the only way someone could get the password is if they were watching you type it in and you were a somewhat slow and “distinguished” typist.

  • lokeshw24

    Doesnt work here 1 :(

    It gave the following error :
    echo one:different | chpasswd ( “one” is username & “different” is the new password i wish to give it )
    Changing password for one.
    chpasswd: (user one) pam_chauthtok() failed, error:
    Authentication token manipulation error
    chpasswd: (line 1, user one) password not changed

    Pls help ….

  • Blackuser

    Hi,

    best would be to edit the script:

    send -- "passwd $user\r"

    to

    send -- "LC_ALL=C passwd $user\r"

    The script is universally usable after that change. Otherwise the script wont run for german e.g. I edited, and it works perfectly for ubuntu.

    Edited by Admin: Added pre tags to the code.

Previous Script:

Next Script: