Write a file containing the list of user names and other details (e.g. comment, shell, skeleton directory and so on).
Write a shell script which iterates over this list. For each line it should also call makepasswd with the --crypt-md5 or --crypt option as appropriate for your system, saving the unencrypted password in a file with the username, which is cut up and given to users by whatever means you do that. Make sure the permissions on this file are such that only the root user can read or write it!
useradd should be called with the appropriate values and with the encrypted password value.
As long as you user the shell-internal echo command (note this is "print" if you use ksh, "echo" if you use bash), the un-encrypted password will not be visible in the process list.
I'm sure there are pre-written tools for this sort of thing, but it's good to know how to do it yourself.
A very simple version might look like this. Only the username, group and name are provided in the lilst of user file, which is called "userdata":
user1 users User One
user2 users User Two
user3 users User Three
And the script to process this would be something like this:
# Check the user_passwords file does not exist, fail if it does
if [ -a user_passwords ]; then
echo "user_passwords file already exists, but should not";
# create empty user_passwords file and make permissions safe
chmod 600 user_passwords
# read data from userdata and make accounts accordingly.
while read user group comment; do
makepasswd --crypt-md5 | while read pass passenc; do
echo "user = $user password = $pass" >> user_passwords
echo "" >> user_passwords
useradd -m -g $group -c "$comment" -p "$passenc" $user
done < userdata
And run the program as root to make the accounts and create user_passwords which contains the information you will ultimately give to the users.
Make sure you run this program in a directory which is owned by root, else the owner of the directory might be able to remove, rename or otherwise mess with the user_passwords file. It's best done in root's home directory, and that is best set so only root can see inside it.
I hope that helps.
Also, please note that I have never actually done this operation myself (except just now as a test). I'm sure there are other ways to do it, and maybe a seasoned sysadmin will say my method is not good for some reason. Ho hum.