Re: Setting user passwords non-interactively
On Sun, May 19, 2002 at 03:18:29PM +0200, Marcin Owsiany wrote:
> > I settled for a tip from greycat at #debian:
> >
> > usermod -p `mkpasswd --hash=md5 $cleartxtpw` $username
> >
> > That can easyly go work in perl as well naturaly....;)...
> >
> >
> > What do u guys think?
>
> Passing clear text passwords as program arguments is unsafe. Anyone who
> can see the process list may also see the password.
>
> I have once made a small PAM-based program which reads the old and new
> password from stdin and sets the new password if the old one matches.
> It used to be called from a perl script via perl's open().
>
> The code is very application-specific so would need some tweaking, and
> the comments are in Polish, but if anyone is still interested...
You could use chpasswd to update the password, chpasswd read the username
and password form stdin so the password isn't available in ps.
echo "user:password" | chpasswd
see man chpasswd (8) for more information
--
staf wagemakers
email: staf.wagemakers@advalvas.be
homepage: http://stafwag.netfirms.com
--
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: