Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

expect password change script help

Status
Not open for further replies.

hrp2010

MIS
May 16, 2007
15
US
Can someone help me out with expect script for mass password change...

Here is my script....

#!/usr/bin/expect --
spawn $env(SHELL)
expect -exact "\$ "
send -- "/usr/bin/ssh [lindex $argv 0] 'passwd hp '\r"
expect "Password:"
send "rep123"
expect "New Password:"
send "rep123"
expect "Re-enter new Password:"
send "rep123"
expect "Password:"
send -- $env(PASS)\r
expect "\$ "

-------------------------

from my console i am running following....

for i in `cat linux.lst` ;do ./khp root@$i ; done

Following apperas on my screen...

spawn /bin/ksh
# /usr/bin/ssh root@ub1nas3p 'passwd hp '
Password:
Password:

and password does not change. though i have specified the argument in the script that about password, new password and Re-enter new password. i dont understand why its asking password twice and does not change the password ?

Your help is highly appericated.

Thanks
HP



 
The Password: prompt you are getting is from doing ssh root@ub1nas3p

it is asking for the root password
not "passwd hp"

leave out the ssh root@ub1nas3p
if you are running this from root, you only need
passwd xxx for each login

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

35 years Bell, AT&T, Lucent, Avaya
Tier 3 for 25 years and counting
 
Thank you for the quick reply.

Basically i am trying to chagne the password of remote system "ub1nas3p" where user "hp" exsist. so that why i am trying to do ssh root@ub1nas3p .

I also exported the password for root on the command prompt.

# export PASS='xyz' --- root password.
 
normally, you cannot ssh and login to a system as root, unless you allow it in the receiving system.

Here are 3 different scenarios to the same remote linux system from a solaris 10

Denied
drsun [601486]-> ssh root@192.168.0.104
Connection closed by 192.168.0.104

Authentication setup for bsh login in the authorized_keys file.
drsun [601492]-> ssh bsh@192.168.0.104
Last login: Sun Jan 25 13:42:42 2009 from drsun
cracker4 [1415]-> q
Connection to 192.168.0.104 closed.

Authentication not setup for ksh login in the authorized_keys file, so it needs manual authentication.
drsun [601493]-> ssh ksh@192.168.0.104
ksh@192.168.0.104's password:
Last login: Thu Jan 29 15:22:08 2009 from cracker4
cracker4 [28]->



A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

35 years Bell, AT&T, Lucent, Avaya
Tier 3 for 25 years and counting
 
try the ssh root@ub1nas3p manually and see if it will let you access the server and if it prompts for root password

what version of linux in ub1nas3p?

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

35 years Bell, AT&T, Lucent, Avaya
Tier 3 for 25 years and counting
 
1. I am running this script from RHEL 4.0 ( LINUX ) to reset
the password in solaris 8.0. I have all the remote
servers are solaris 8.0.

2. while ssh root@ub1nas3p , it ask me for the password.


Thank you very much sir for your quick quick replies.

Appericate.
 
now i have moved this sciprt to the server from where i can
login to the box where it does not ask for the password
and while running this script i am getting following error.

[root@jpylinux hp]# /usr/bin/ssh root@ub1nas3p 'passwd hp '
Permission denied
[root@jpylinux hp]# rep123rep123rep123PASS
(read trace on "env(env)")
invoked from within
"send -- $env(PASS)\r"
(file "./khp" line 12)

So i have two scenario now one sever without ssh keys and one server with ssh keys. if it works from any of the server, will be good.
 
you can change /etc/default/login to allow non console login by root.

# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
CONSOLE=/dev/console

# PASSREQ determines if login requires a password.
#
PASSREQ=YES

# ALTSHELL determines if the SHELL environment variable should be set
"/etc/default/login" [Read only] 77 lines, 2258 characters


I still think you need to leave off the ssh root@xxxx if your in the server you are changing passwords on.


A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

35 years Bell, AT&T, Lucent, Avaya
Tier 3 for 25 years and counting
 
I am not trying to change the password on the server where i am running this script. i am running this script from linux server in order to change the password on solairs. so that is the reasony why i put ssh function inside the script. i verifed /etc/default/login and this is as per already set as per your suggestions.
 
# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
CONSOLE=/dev/console

change to
#CONSOLE=/dev/console


A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

35 years Bell, AT&T, Lucent, Avaya
Tier 3 for 25 years and counting
 
I am on solaris 10

If I change /etc/default/login like shown, reboot, and try ssh root@server I am prompted for password but I fail to authenticate. If I use ssh root@server from the linux SE 4 to my solaris 10, I am prompted for password but I fail to authenticate.

can you do ssh root@server from the server and authenticate?
manually?



A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

35 years Bell, AT&T, Lucent, Avaya
Tier 3 for 25 years and counting
 
I am able to authenticate to the solaris box manually by just running ssh root@ub1nas3p from the linux server. it ask me for the password and once i supply root password i am able to get in to the box.
 
So, then, does this work from linux, manually?
If it does, the expect script part should not be difficult.

/usr/bin/ssh root@ub1nas3p 'passwd hp'

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

35 years Bell, AT&T, Lucent, Avaya
Tier 3 for 25 years and counting
 
I am getting follwoing error..

root@lb1oralog2p hp]# /usr/bin/ssh root@ub1nas3p 'passwd hp'
Password:
Permission denied

This is am running from linux box where i dont have keys.

and same error while running from the linux server where ssh keys are configured so it can go without password.

[root@jpylinux hp]# /usr/bin/ssh root@ub1nas3p 'passwd hp'
Permission denied

question is why permission denied. what is preventing it ?
 
that password prompt is for the root password, correct?

If you were in the server as root and did "passwd ht" you would not be prompted for Password: but New password:

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

35 years Bell, AT&T, Lucent, Avaya
Tier 3 for 25 years and counting
 
Thats true. i supplied the password and it gives me the permission denied.

LOCALLY ON THE "ub1nas3p" - soalris 8 box, if try to manually reset the password, it ask 3 times.

ub1nas3p:/# passwd hp
Password:
New Password:
Re-enter new Password:
passwd: password successfully changed for hp
 
drsun [10629]-> passwd plexus
New Password:
Re-enter new Password:
passwd: password successfully changed for plexus

I am logged in as root, it only asks me twice and neither is for the current login's password.

May be difference in solaris 8 and 10

dunno.

But, if you can do this manually from linux to the solaris box, you should have no trouble writing an expect script.

A great teacher, does not provide answers, but methods to teach others "How and where to find the answers"

bsh

35 years Bell, AT&T, Lucent, Avaya
Tier 3 for 25 years and counting
 
Thats true. thats the difference between solaris 8 & 10.

even manually it gives me permission denied.

Password:
Permission denied

when it ask for password, i give password of remote hosts root password and when it gest in to the box it throws "permissioned denied"

 
I'm not going to read the entire length of this thread and reply only to the original question about an expect script to change passwords in mass. So this reply may no longer be relevant.

That said, when expect is installed it also installs a script you are looking for /usr/bin/passmass which may or may not require slight modification for your specific environment.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top