Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Reset unix passwords via Perl?

by jfroebe (Parson)
on Sep 20, 2010 at 22:16 UTC ( #860943=perlquestion: print w/replies, xml ) Need Help??
jfroebe has asked for the wisdom of the Perl Monks concerning the following question:

Hi all,

I have a hundred or so servers that I have logins that I need to reset the passwords every X days. The operating systems are Linux, AIX, Solaris and a couple BSDs. Currently I have a set of bash / expect scripts that work (sorta) but do not contain any real error handling. This is performed via ssh.

Does anyone know of any modules that would allow me to change a password on particular unix flavor? I would like to ssh into a box, determine what flavor it is, and then run that module. Of course this would be automated.

I'm just thinking that such a requirement would be very common but I didn't see anything in CPAN. I don't want to reinvent the wheel if I don't have to.

thanks :)

Jason L. Froebe

Blog, Tech Blog

Replies are listed 'Best First'.
Re: Reset unix passwords via Perl?
by biohisham (Priest) on Sep 21, 2010 at 06:01 UTC
    In addition to Khen's suggestion, there is another one that enables tackling Solaris password files. Check this page for a bunch of such modules.

    Excellence is an Endeavor of Persistence. A Year-Old Monk :D .
Re: Reset unix passwords via Perl?
by dasgar (Priest) on Sep 20, 2010 at 23:18 UTC

    I haven't used it, but I think that Net::SSH::Perl might be helpful. It looks like it lets you SSH to a remote server and issue commands while being able to retrieve the STDOUT, STDERR and exit code of commands that were issued.

    It should be simple to create a subroutine that uses this module to connect to a remote server, change the password, and log out. Then all you would need to do is call that for each server in your list. Might not be 100% what you're looking for, but I don't think that there would be whole lot of work to use this for your task.

Re: Reset unix passwords via Perl?
by Khen1950fx (Canon) on Sep 20, 2010 at 23:39 UTC
      Except that most, if not all, of the operating systems listed by the OP use a shadow password file to store the encrypted passwords. I did not get the impression Unix::PasswdFile deals with that.
Re: Reset unix passwords via Perl?
by MidLifeXis (Monsignor) on Sep 21, 2010 at 14:08 UTC

    It was not mentioned if you have root access or not while running this change script, so anything that directly modifies the passwd file (or its moral equivalent) may be out of the question.

    From a system safety (locks, race conditions), security (enforcing conditions for passwords in one location on a machine), and process standpoint (who knows if other wrappers have been placed around the passwd process), I would probably try something that can drive the OS-level passwd program on each host. This will probably be slower, however, than pushing a passwd entry out directly to each host.


Re: Reset unix passwords via Perl?
by elTriberium (Friar) on Sep 21, 2010 at 20:24 UTC

    You can use Expect to ssh to the remote hosts. This also lets you easily automate the (probably interactive) password-reset process.

    In short:

    - ssh to the host using Expect

    - run passwd

    - When asked for the password, send it through Expect

    - Done.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://860943]
Approved by toolic
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others rifling through the Monastery: (3)
As of 2018-10-24 00:19 GMT
Find Nodes?
    Voting Booth?
    When I need money for a bigger acquisition, I usually ...

    Results (127 votes). Check out past polls.