LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-16-2013, 11:35 AM   #1
[root@localhost ~]#
LQ Newbie
 
Registered: Jan 2013
Location: /dev/null
Distribution: Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 5.5
Posts: 6

Rep: Reputation: Disabled
Remote password change of Servers and Client on RHEL 5.5


I have somewhere around 30 clients and 19 servers running on RHEL 5.5. Managing root password for all of them becomes a headache sometimes. Also applying vnc password for all of them is also a pain.

Can someone please help me in updating password either remotely or something else. Also password for all the servers need to be different while I can keep the password for the clients all same.

At present I do a SSH to each server individually, enter root password and run passwd command and then enter new password, which takes lot of time.

Can there be some shortcut to this procedure?

Thanks for helping.
 
Old 01-16-2013, 12:18 PM   #2
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,604

Rep: Reputation: 414Reputation: 414Reputation: 414Reputation: 414Reputation: 414
There are alot of shortcuts, for these quick one-off tasks I use a script send function built into MtPUTTY.

If you use putty, I highly recommend downloading MtPuTTy. It is an extension which simply allows you to have multiple tabs and multiple ssh sessions open at the same time, so establish the ssh connection open your script box and type the command once and it will be sent to all servers that you select it to be sent.


You could look at config management tools such as Puppet to help keep things in sync and keep things configured easier.

Just a few suggestions, these sort of things can be tedious and are hard to get around. I use puppet in almost every environment, have a git repository that I check files out from if I need to change them. So I have quite a few users that are setup across my network and have to have passwords updated every 60 days. I do a git clone, edit the /etc/shadow file, commit the changes and do a puppet run and all of my servers get updated.
 
Old 01-16-2013, 12:30 PM   #3
[root@localhost ~]#
LQ Newbie
 
Registered: Jan 2013
Location: /dev/null
Distribution: Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 5.5
Posts: 6

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Kustom42 View Post
There are alot of shortcuts, for these quick one-off tasks I use a script send function built into MtPUTTY.

If you use putty, I highly recommend downloading MtPuTTy. It is an extension which simply allows you to have multiple tabs and multiple ssh sessions open at the same time, so establish the ssh connection open your script box and type the command once and it will be sent to all servers that you select it to be sent.


You could look at config management tools such as Puppet to help keep things in sync and keep things configured easier.

Just a few suggestions, these sort of things can be tedious and are hard to get around. I use puppet in almost every environment, have a git repository that I check files out from if I need to change them. So I have quite a few users that are setup across my network and have to have passwords updated every 60 days. I do a git clone, edit the /etc/shadow file, commit the changes and do a puppet run and all of my servers get updated.
Thanks, as I see MTPuTTy is a windows based utility, whereas when I said I do a SSH I meant it from a linux machine so that I don't need to go to each server physically to change anything. If there is anything similar to MTPutty for linux or some shell script in linux for same then please share.

Moreover, implementing any third party management tool such as Puppet as you suggested will not be feasible as the system cannot be fiddled around with. I am more looking towards a application only or a script that can be executed without installing any client in each server and client.
 
Old 01-16-2013, 12:37 PM   #4
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,604

Rep: Reputation: 414Reputation: 414Reputation: 414Reputation: 414Reputation: 414
Without doing ssh in a for loop I don't see an alternate solution. You can use screen and send commands to all of your screen sessions although it can be a bit tricky. I would suggest you give MtPuTTy a try if you have a windows workstation that has network access to it. Once you add your servers in it is very very quick and efficient.
 
Old 01-16-2013, 12:41 PM   #5
[root@localhost ~]#
LQ Newbie
 
Registered: Jan 2013
Location: /dev/null
Distribution: Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 5.5
Posts: 6

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Kustom42 View Post
Without doing ssh in a for loop I don't see an alternate solution. You can use screen and send commands to all of your screen sessions although it can be a bit tricky. I would suggest you give MtPuTTy a try if you have a windows workstation that has network access to it. Once you add your servers in it is very very quick and efficient.
Hmm. I do I have a Windows machine which has access to that network. Will give it a try tomorrow. Thanks for the help. If someone else can also give their input.
 
Old 01-16-2013, 01:43 PM   #6
shivaa
Senior Member
 
Registered: Jul 2012
Location: Grenoble, Fr.
Distribution: Sun Solaris, RHEL, Ubuntu, Debian 6.0
Posts: 1,800
Blog Entries: 4

Rep: Reputation: 286Reputation: 286Reputation: 286
You can create a small script to make your job little simple. Just login on any one RHEL machine, from where you can do a ssh on all remaining servers, and run your script:-
Code:
#!/bin/bash
SYSTEMS=/tmp/serverlist  # A list of system hostname, one per line
while read -r sys
do
ssh -l root@$sys passwd # For every system, it will ask you do enter corresponding root password + invoke passwd cmd
exit # Exits from the server
done < $SYSTEMS
 
Old 01-16-2013, 06:28 PM   #7
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,241

Rep: Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325
If you can't add a tool like Puppet, then yes, traditional soln is an ssh loop like the above for the servers.
For the clients (where you said they can be the same passwd, you can add the cmd
Code:
echo newpasswd | passwd --stdin
This accepts the plaintext newpasswd and feeds it to passwd cmd, which will not prompt for confirmation.
See man page.
 
Old 01-18-2013, 05:30 AM   #8
[root@localhost ~]#
LQ Newbie
 
Registered: Jan 2013
Location: /dev/null
Distribution: Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 5.5
Posts: 6

Original Poster
Rep: Reputation: Disabled
I have written following script which is working fine.
Code:
!#/bin/bash
for count in {1..10}
do
     ssh root@192.168.1.$count 'passwd >>EOF
     newpassword
     newpassword
     EOF
done
Now this script asks me password for root everytime it starts ssh to a new machine. Root password for all 10 machines i.e. 192.168.1.1 to 192.168.1.10 is same.

Is there anyway that I can pass existing password also to the script for ssh session?

Can this script be further refined and modified for betterment?
 
Old 01-18-2013, 08:45 AM   #9
lleb
Senior Member
 
Registered: Dec 2005
Location: Florida
Distribution: CentOS/Fedora
Posts: 2,630

Rep: Reputation: 495Reputation: 495Reputation: 495Reputation: 495Reputation: 495
just out of curiosity, why not setup ssh keys for root, then disable the root password on the systems. that would be assuming no one local would need root access.

this would eliminate the need to update the root p/w on the servers at least. as for the work stations, do you allow the end user full control over their workstation or no? if not then ssh keys again would be ideal as not only will it provide root level access, but will prevent the end user from gaining root access.

just a thought.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
RHEL 5 SAMAB password to synchronous with Windows XP Client johnmccarthy Linux - Newbie 2 11-07-2011 11:09 AM
[SOLVED] Comparing two remote directories in RHEL 5 servers. roi.levy Linux - Enterprise 1 10-17-2010 12:40 PM
Change password of linux servers remotely linux_bud Programming 2 11-26-2009 05:55 AM
Remote ssh without change password ust Linux - Software 1 10-05-2008 11:34 PM
Samba Remote Password Change Cottsay Linux - Software 1 06-12-2007 08:33 AM


All times are GMT -5. The time now is 08:26 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration