Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Ok, I know about 'chage' to age passwords on the system, but what I need to do is force a password reset system wide instantly at any given time by invoking some command or script. does anyone have such a script or know of a command that I can use for this?
The system will not be using PAM for authentication, only /etc/passwd
Thanks! (p.s. - aging is not installed on this system)
one other thing, this system has hundreds of users so maybe there is a way to strip the /etc/passwd file of all characters before the first ':' and put them into a temp file that gets read by another script which executes the 'passwd -f <username>' function on each name (which would probably take some)?
thanks again! hope to hear from someone about this one, would save some major headaches.
wow... i can almost see an application for what you are trying to do... but not for EVERY user on the system... what if you accidentially automatically reset root pwd?
i would script something to generate/change given usernames' passwords... perhaps maintain a file of usernames for this purpose...
maintaining a userfile would be a good idea, but what would the script look like for it? =) im giving google a good work out trying to find some examples on this.
here's my two second untested solution... hope it sets you in the right direction...
Code:
#!/bin/bash
FILENAME=/root/users
## where one line= one username
for user in $FILENAME
do
passwd $user new!pass
done
## won't work right away: not strong enough password
## to work without re-prompt
very cool. thank you, i will give it a try right now.
actually would using 'passwd -f $user' work also? this is actually all i really need to do as this would force the users to choose their new password on next login.
if you're maintaining the user file, and only root has access to it, i wouldn't worry about the uid range... but a "failsafe" might be to include a clause for not resetting root pwd (but if a normal user was able to run this in the first place, i'd assume they already did major damage, and couldn't get much worse). good thought -- nice to know you're actively trying to solve this, rather than relying on my casual input.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.