Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi Guys,
I'm running postfix mail server. It's using /etc/passwd auth. Everything is working charm and currently I'm in a need to add users in bulk around 2000. It's not possible to add all the users by typing commands. With the users list I have append the useradd command and made a simple script. All the users have added. But now the problem is to set password for those password. I can use the same formula I used to add the users. But in passwd -p option requires the encrypted password. If I can able to set any common password means it's also fine. But user name is different.
Anybody know how to achieve this with script or any easy method?
I belive you should be able to use that "passwd" alternative you mentioned. Just create a user X with a password "secret" or something. Copy the encrypted string for user X from /etc/shadow, and use that string as input to the "passwd" or "usermod" command.
You need to use something like crypt to create the encrypted password.
Example perl script:
Code:
#!/usr/bin/perl
use strict;
my $SALT="FEWge%r~aNjg3q4$%£";
my $user="testuser1";
my $pass="Testing";
my $encrypted=crypt($pass, $SALT);
system("useradd -p $encrypted -m $user");
Obviously, I am not suggesting that you use such an easy password, or even the same password for each account.
Also you probably should change the salt, but keep in complex.
Also look at newusers to do any future job like this, & apg to generate passwords.
I forgot about newusers, been ages since I used it. apg is ok but not a default application on many servers. mkpasswd IS installed by default typically.
#!/bin/bash
for i in `cat unpw.csv`; do
UN=`echo $i | cut -f1 -d','`
PW=`echo $i | cut -f2 -d','`
ENCPW=`echo $PW | mkpasswd -s`
echo useradd -p $ENCPW -m $UN
done
I actually have mkpasswd installed on one of my servers, and as far as I can see (I may of course be wrong) it produces only unenctrypted passwords. What I would like is to be able to create encrypted passwords but not having to do this by creating a users first and using the passwd command. Any suggestions?
To me it seems like mkpasswd only creates a random password, not a encrypted password:
Code:
[root@server ]# echo Password|mkpasswd
7p%awJN9o
mkpasswd uses a random SALT when one is not provided. If you provide a salt then it gets the same results time after time.
Try:
Code:
mkpasswd Password Sm
Quote:
Originally Posted by kenneho
An encrypted password, at least for use in the /etc/shadow file, should be prefixed with a "$1$".
The encrypted password in the /etc/shadow file does not have to begin "$1$", however, the algorithm that the passwd command uses creates an encrypted password starting "$1$". Passwords that do not start "$1$" will still work.
EDIT:- removed my first question as I realise it did not originate from the OP
Last edited by Disillusionist; 01-02-2009 at 07:16 AM.
I thought your original post stated "Currently I'm in a need to add users in bulk around 2000" ...
What are you intending to use the hashed password for?
I'm not the one who started the thread - I posted my first question in the middle of the thread. It's not easy keeping track of who posted what. To sum up my question: I'd like to encrypt passwords without having to actually add the clear text password to "passwd".
Anyway, I've come accross cases where I need to create an encrypted password for a user, and to accomplish this I've had to run the clear text password through "passwd <someuser>" to get the hashed password. I've had to use this approach on the few servers we've got that doesn't use LDAP.
Quote:
mkpasswd uses a random SALT when one is not provided. If you provide a salt then it gets the same results time after time.
Try:
Code:
mkpasswd Password Sm
The encrypted password in the /etc/shadow file does not have to begin "$1$", however, the algorithm that the passwd command uses creates an encrypted password starting "$1$". Passwords that do not start "$1$" will still work.
Thanks for the info on passwd and "$1$" - didn't know that omitting "$1$" would work.
Sorry, I realised my mistake whilst you were composing your reply.
Quote:
To sum up my question: I'd like to encrypt passwords without having to actually add the clear text password to "passwd".
You could use usermod -p $ENCPW $UN so long as you have a valid encrypted password but you're going to need to create that encrypted password somewhere.
Quote:
Thanks for the info on passwd and "$1$" - didn't know that omitting "$1$" would work.
You can't just remove the begining of the encrypted password. What I was trying to say was that the encrypted password created by the passwd command starts $1$ but if you create an encrypted password (either using crypt as in my perl sample, or through mkpasswd) that will still be valid.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.