random generator to change root password regularly - scripting help needed

From: Gold Sun (goldsun8_at_yahoo.com.sg)
Date: 05/31/05

    Date: Tue, 31 May 2005 08:26:08 +0800 (CST)
    To: Sun Managers <sunmanagers@sunmanagers.org>
    
    

    Hi,
     
    We have hardened Solaris boxes where administrators do
    not need to know the root password (as we just do 'sudo -s').
     
    It's the policy here that all passwords including root's must
    expire every 3 months but this created a problem to an
    application that would fail if the root password expires.
     
    I have an idea/solution that the security person is agreeable :
    "set up a script in crontab which runs every 90 days to
    change the password to a randomly generated password"
     
    I've obtained a standalone tool from a TACACS application
    that would generate a different hashed password each time
    it's run even though the same fixed string (contained in the
    file input.txt) is input into it:
    ./generate_pass < input.txt
      Password to be encrypted: J58rSyCjtnUhQ
    ./generate_pass < input.txt
      Password to be encrypted: 2ZwWQZxHplNA.
     
    The problem I'm facing is how to feed the encrypted password
    into the "passwd root" command if someone could help me
    with some Shell scripting here :
    a)"passwd root" command will prompt for password twice
       - so how can we feed the encrypted string into
         "passwd root"
    b)note that we should not run generate_pass twice as it
       will create a different password - we need to enter the
       same password twice (2nd time is confirmation)
     
     
    Thanks for any help
    G Sun
    _______________________________________________
    sunmanagers mailing list
    sunmanagers@sunmanagers.org
    http://www.sunmanagers.org/mailman/listinfo/sunmanagers
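
An added example (not part of the original post or from the list) of the flow the message asks about: the random password is generated a single time, held in a variable, and sent to both `passwd root` prompts. It assumes expect(1) is installed, /dev/urandom exists, and both prompts end in "assword:"; `gen_password`, `set_root_password`, `ROOTPW` and the script name are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.

# gen_password LEN: print LEN random alphanumeric characters.
# Bytes outside A-Za-z0-9 are discarded, so the remaining ones stay uniform.
gen_password() {
    len=${1:-16}
    pw=
    while [ "${#pw}" -lt "$len" ]; do
        pw=$pw$(dd if=/dev/urandom bs=256 count=1 2>/dev/null |
                LC_ALL=C tr -dc 'A-Za-z0-9')
    done
    printf '%s\n' "$pw" | cut -c1-"$len"
}

# set_root_password PW: answer both passwd prompts with the same value.
# Assumption: expect(1) is installed and each prompt ends in "assword:".
# The value is passed in the environment so it never appears on a command line.
set_root_password() {
    ROOTPW=$1 expect -c '
        log_user 0
        spawn passwd root
        expect "assword:"; send -- "$env(ROOTPW)\r"
        expect "assword:"; send -- "$env(ROOTPW)\r"
        expect eof
        exit [lindex [wait] 3]
    '
}

# Run only when asked to, e.g. from root's crontab: rotate_root_pw.sh --apply
if [ "${1:-}" = "--apply" ]; then
    umask 077
    NEWPW=$(gen_password 16)     # generated once ...
    set_root_password "$NEWPW"   # ... used for both prompts
    rc=$?
    unset NEWPW
    exit "$rc"
fi
```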

