Change passwords for a specific user in multiple remote Servers (Linux or AIX) using SSH in BASH
In the project I have been working on since last year, I have to manage multiple personal users on over 200+ hosts accessible via SSH.
This is pretty time-consuming and very boring, so I decided to try and build something that did that for me 😉
The script will check if you fulfill all the requirements:
- Bash version >= 4.0
- Sshpass (download for Linux-Unix and Windows)
Don't know why you would, but you can also use this script to change the password of a single server.
To do that, simply start the script with the following positional parameters:
./password_change2.sh HOSTNAME_OR_IP USERNAME OLD_PASSWORD NEW_PASSWORD
This is, by the way, the most useful feature of the script and the one I built it for...
To use it you'll need to create a file containing all the hostnames/IPs to SSH into and other data (optional) and feed it to the script by using the -f parameter followed by the filename.
- The first line MUST be the heading, where you can specify the fields you want to use. They can be:
  - MACCHINA: The target server (can be a hostname specified in your hosts file, an IP or a hostname resolvable through DNS)
  - UTENZA: The username whose password you want to change [optional]
  - PASSWORD: The old password [optional]
  - NUOVA_PASWORD: The new password [optional]
- You can separate the fields using the ;, , or TAB character. The separator used for the heading determines the one used for ALL the other lines.
- The lines of the body (the ones containing the actual data) MUST follow the same field order and MUST NOT be blank or omit a field, otherwise they will be skipped.
- To comment out a line, put the # character at the start of the line (as you would in a bash/python script).
Creating the file my_list.txt with the following content:
MACCHINA;UTENZA;PASSWORD;NUOVA_PASWORD
10.11.12.13;my_username;my_password;my_new_password
# This line will be skipped
172.16.1.5;spiderman;ugly_pw;beautiful_pw
...and feed it with the file you just created by using the -f parameter.
./password_change2.sh -f my_list.txt
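A pre-flight check for a batch file in the format described above, as an added example that is not part of password_change2.sh: it applies the heading, separator, comment and skip rules, and refuses a file that group or others can access, since the list holds passwords in cleartext. The function name lint_batch_file and the permission check are assumptions of this example, not features of the script.

```bash
#!/usr/bin/env bash
# Added example (not part of password_change2.sh): lint a batch file before -f.
# Prints "ok=<n> skipped=<n>"; returns 1 for a bad heading, 2 for loose permissions.
lint_batch_file() {
    local file=$1 sep line name lineno=0 ok=0 skipped=0 bad US=$'\x1f'
    local -a names fields
    [[ -f $file ]] || { echo "error: no such file: $file" >&2; return 1; }
    # The file holds cleartext passwords: refuse any group/other permission bit.
    if [[ $(ls -ld -- "$file" | cut -c5-10) != "------" ]]; then
        echo "error: $file is accessible to group/others, run: chmod 600 $file" >&2
        return 2
    fi
    while IFS= read -r line || [[ -n $line ]]; do
        lineno=$((lineno + 1))
        if (( lineno == 1 )); then
            # The separator found in the heading applies to every other line.
            case $line in
                *';'*) sep=';' ;; *','*) sep=',' ;; *) sep=$'\t' ;;
            esac
            IFS=$US read -r -a names <<< "${line//"$sep"/$US}$US"
            for name in "${names[@]}"; do
                [[ $name =~ ^(MACCHINA|UTENZA|PASSWORD|NUOVA_PASWORD)$ ]] ||
                    { echo "error: unknown heading field '$name'" >&2; return 1; }
            done
            [[ " ${names[*]} " == *" MACCHINA "* ]] ||
                { echo "error: heading lacks MACCHINA" >&2; return 1; }
            continue
        fi
        [[ $line == \#* ]] && continue          # commented-out entry
        # Swap the separator for a non-whitespace byte so empty fields survive the split.
        IFS=$US read -r -a fields <<< "${line//"$sep"/$US}$US"
        bad=0
        (( ${#fields[@]} == ${#names[@]} )) || bad=1
        for name in "${fields[@]}"; do [[ -n $name ]] || bad=1; done
        if (( bad )); then
            skipped=$((skipped + 1))
            echo "line $lineno: blank or missing field, the script will skip it" >&2
        else
            ok=$((ok + 1))
        fi
    done < "$file"
    echo "ok=$ok skipped=$skipped"
}
```

Run it as `lint_batch_file my_list.txt` after sourcing the function; skipped line numbers go to stderr and the summary to stdout.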
- -f: Specify the file to be used for Batch operations (see the Batch Mode)
- -c: If used in Batch Mode, don't change passwords. Just check the expiration date (chage -l-like output) of every entry
- -P: Enable the PICO rule (only for the PICO Trenitalia project I work at):
  - Uppercase all AIX usernames (hostname ending with x)
  - Lowercase the Linux ones (hostname ending with r).
- -h: Print the help and exit the script
- If the username is the same for all the hosts you want to log in to, you can omit it from the heading and the data. The script will automatically ask ONCE for it and use it throughout the process. The same goes for the new/old password.
- The help embedded in the script and the headings as of 06/2020 are ONLY in Italian. I'm planning to convert them to English.