Linux create new user password

How to automatically add user account AND password with a Bash script?

I need to have the ability to create user accounts on my Linux (Fedora 10) and automatically assign a password via a bash script(or otherwise, if need be). It’s easy to create the user via Bash e.g.:

[whoever@server ]# /usr/sbin/useradd newuser 

Is it possible to assign a password in Bash, something functionally similar to this, but automatically:

[whoever@server ]# passwd newuser Changing password for user testpass. New UNIX password: Retype new UNIX password: passwd: all authentication tokens updated successfully. [whoever@server ]# 

I think this question is on topic. One of the strongest trends now is the DevOps attitude of «configuration as code», i e that the platform is created by «programming» a sequence of admin steps that bootstrap the platform. To do user management in script mode is definitely part of this programming.

As a DevOps, I think this is a useful question (with useful answers) but that’s with my SysAdmin hat on. It might make more sense to move this to SuperUser.

20 Answers 20

echo username:new_password | chpasswd 

so, you change password for user username to new_password .

+1, This is the right tool for the job: $ apropos chpasswd . chpasswd (8) — update passwords in batch mode

You can run the passwd command and send it piped input. So, do something like:

echo thePassword | passwd theUsername --stdin 

Bonus of that method is that it’s secure (assumed echo is a builtin in the used shell, which it is commonly), at least concerning /proc/ .

@MarkusOrreilly works, but not when using a provisioning tool like Ansible. As @Nybble stated, you should be using chpasswd. So here is what works: echo ‘myuser:mypass’ | chpasswd . Hope that helps.

I’m surprised no-one has mentioned the reason passwd doesn’t make this easy: this approach will put the new password straight into the shell history, unless steps are taken to prevent this. Anyone committed to going this route, should keep this is mind.

I was asking myself the same thing, and didn’t want to rely on a Python script.

This is the line to add a user with a defined password in one bash line:

useradd -p "$(openssl passwd -6 $PASS)" $USER 
  • Note the double quote to prevent the shell interpreting included special parameters. Namely $ in this case.
  • This uses a SHA-512 hash, specified by the -6 flag. See openssl passwd —help for more options.

Edit: Since c87a7f31a3 the option -crypt is removed. Therefore replaced with -6 flag in the example above.

useradd -p $(openssl passwd -1 $PASS) $USER is more modern, as back-ticks are deprecated and $() is recommended.

An issue I had with this: I had created my user with a shell of zsh, not realizing that at that point zsh hadn’t been installed. The password login will fail if you do this, so before you assume this isn’t working (it will definitely work on today’s Arch and on Debian 7) you might check that on a brand new installation.

Читайте также:  Добавить доменного пользователя astra linux

useradd -m -p -s /bin/bash , -m Crates home directory, -s specifies users defualt shell, substitute password and user for your needs.

You can also salt the password: useradd -m -p $(openssl passwd -1 -salt $SALT $PASS) . I think this is required on later Ubuntu’s.

@Bryson don’t use -1 as that one uses MD5, which is not secure anymore. Use -crypt (default at least in OpenSSL 1.1.1).

The code below worked in Ubuntu 14.04. Try before you use it in other versions/linux variants.

# quietly add a user without password adduser --quiet --disabled-password --shell /bin/bash --home /home/newuser --gecos "User" newuser # set password echo "newuser:newpassword" | chpasswd 

en.wikipedia.org/wiki/Gecos_field The gecos field, or GECOS field is an entry in the /etc/passwd file on Unix, and similar operating systems. It is typically used to record general information about the account or its user(s) such as their real name and phone number. GECOS means General Electric Comprehensive Operating System, which has been renamed to GCOS when GE’s large systems division was sold to Honeywell.

I liked Tralemonkey’s approach of echo thePassword | passwd theUsername —stdin though it didn’t quite work for me as written. This however worked for me.

echo -e "$password\n$password\n" | sudo passwd $user 

-e is to recognize \n as new line.

sudo is root access for Ubuntu.

The double quotes are to recognize $ and expand the variables.

The above command passes the password and a new line, two times, to passwd , which is what passwd requires.

If not using variables, I think this probably works.

echo -e 'password\npassword\n' | sudo passwd username 

Single quotes should suffice here.

Works beautifully in bash. However, if running in sh, then -e option does not work. I found out the hard way that it actually outputs «-e». Luckily, the -e option is not necessary in sh, the escaping is default there. The portable version is to use printf «password\npassword\n» | . instead.

The following works for me and tested on Ubuntu 14.04. It is a one liner that does not require any user input.

sudo useradd -p $(openssl passwd -1 $PASS) $USERNAME 

Single liner to create a sudo user with home directory and password.

useradd -m -p $(openssl passwd -1 $) -s /bin/bash -G sudo $
useradd -p encrypted_password newuser 

Unfortunately, this does require you to hash the password yourself (where passwd does that for you). Unfortunately, there does not seem to be a standard utility to hash some data so you’ll have to write that yourself.

Here’s a little Python script I whipped up to do the encryption for you. Assuming you called it pcrypt, you would then write your above command line to:

useradd -p $(pcrypt $) newuser 

A couple of warnings to be aware of.

  1. While pcrypt is running, the plaintext will be visible to any user via the ps command.
  2. pcrypt uses the old style crypt function — if you are using something more moderns like an MD5 hash, you’ll need to change pcrypt.
#!/usr/bin/env python import crypt import sys import random saltchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" def salt(): return random.choice(saltchars) + random.choice(saltchars) def hash(plain): return crypt.crypt(arg, salt()) if __name__ == "__main__": random.seed() for arg in sys.argv[1:]: sys.stdout.write("%s\n" % (hash(arg),)) 

Thanks R Klatchko, That should work. I can’t believe I didn’t know about the -p option. I can take care of hashing myself:)

Читайте также:  Пароль администратора линукс убунту

Can you explain a little bit, how I would be able to use the password and not the hashed password later?

—stdin doesn’t work on Debian. It says:

`passwd: unrecognized option '--stdin'` 
#useradd $USER #echo "$USER:$SENHA" | chpasswd 

Here we can find some other good ways:

This is the proper way to do it, and the only way officially supported by the maintainers of the shadow suite. See this bug report.

You can use expect in your bash script.

#!/usr/bin/expect ######################################### #$ file: htpasswd.sh #$ desc: Automated htpasswd shell script ######################################### #$ #$ usage example: #$ #$ ./htpasswd.sh passwdpath username userpass #$ ###################################### set htpasswdpath [lindex $argv 0] set username [lindex $argv 1] set userpass [lindex $argv 2] # spawn the htpasswd command process spawn htpasswd $htpasswdpath $username # Automate the 'New password' Procedure expect "New password:" send "$userpass\r" expect "Re-type new password:" send "$userpass\r" 

I know I’m coming at this years later, but I can’t believe no one suggested usermod.

usermod --password `perl -e "print crypt('password','sa');"` root 

Hell, just in case someone wants to do this on an older HPUX you can use usermod.sam .

/usr/sam/lbin/usermod.sam -F -p `perl -e "print crypt('password','sa');"` username 

The -F is only needed if the person executing the script is the current user. Of course you don’t need to use Perl to create the hash. You could use openssl or many other commands in its place.

I’ve tested in my own shell script.

For CentOS

echo "$new_password" | passwd --stdin "$new_username" 

For Debian/Ubuntu

echo "$new_username:$new_password" | chpasswd 

For OpenSUSE

echo -e "$new_password\n$new_password" | passwd "$new_username" 

Here is a script that will do it for you .

You can add a list of users (or just one user) if you want, all in one go and each will have a different password. As a bonus you are presented at the end of the script with a list of each users password. . If you want you can add some user maintenance options

chage -m 18 $user chage -M 28 $user 

to the script that will set the password age and so on.

#!/bin/bash # Checks if you have the right privileges if [ "$USER" = "root" ] then # CHANGE THIS PARAMETERS FOR A PARTICULAR USE PERS_HOME="/home/" PERS_SH="/bin/bash" # Checks if there is an argument [ $# -eq 0 ] && < echo >&2 ERROR: You may enter as an argument a text file containing users, one per line. ; exit 1; > # checks if there a regular file [ -f "$1" ] || < echo >&2 ERROR: The input file does not exists. ; exit 1; > TMPIN=$(mktemp) # Remove blank lines and delete duplicates sed '/^$/d' "$1"| sort -g | uniq > "$TMPIN" NOW=$(date +"%Y-%m-%d-%X") LOGFILE="AMU-log-$NOW.log" for user in $(more "$TMPIN"); do # Checks if the user already exists. cut -d: -f1 /etc/passwd | grep "$user" > /dev/null OUT=$? if [ $OUT -eq 0 ];then echo >&2 "ERROR: User account: \"$user\" already exists." echo >&2 "ERROR: User account: \"$user\" already exists." >> "$LOGFILE" else # Create a new user /usr/sbin/useradd -d "$PERS_HOME""$user" -s "$PERS_SH" -m "$user" # passwdgen must be installed pass=$(passwdgen -paq --length 8) echo $pass | passwd --stdin $user # save user and password in a file echo -e $user"\t"$pass >> "$LOGFILE" echo "The user \"$user\" has been created and has the password: $pass" fi done rm -f "$TMPIN" exit 0 else echo >&2 "ERROR: You must be a root user to execute this script." exit 1 fi 

Источник

Читайте также:  Можно ли изменить mac адрес вашего linux сервера

Linux: Create a New User and Password and Login Example

In order to create a user in Linux, the first thing required is that you have access to root user, or else you will get a «Permission denied» error.

When you create or edit a user, the user details will get updated in the /etc/passwd file.

How to create new User?

  • Make sure you are logged in as a root user (can use sudo if you prefer),
  • Now to create a user myuser, type command useradd muser,
root@linux # useradd myuser
# cat /etc/passwd | grep myuser myuser:x:1002:1002::/home/myuser:/bin/bash
1) myuser -> our newly created username 2) x -> password is saved in the /etc/shadow file. 3) 1002 -> is the user id of user myuser 4) 1002 -> is the myusers primary group id 5) empty -> users description. 6) /home/myuser -> users home directory 7) /bin/bash -> users default login shell

How to Change Password for a new User?

    On the Terminal type passwd username>, Example:

# passwd myuser Changing password for user myuser. New password: Retype new password: passwd: all authentication tokens updated successfully.

How to login with a new user?

Now that we have the new user setup with username and password, let’s try to log in using it.

As we were logged in as the root user, we can make use of su or sudo command followed by username or simply exit and login using the new username while doing ssh,

Example: Login using su command,

root@linux # su mysuer myuser@linux root]$ cd ~ myuser@linux root]$ cd pwd /home/myuser
root@linux # sudo -u myuser bash myuser@linux root]$ cd ~ myuser@linux root]$ cd pwd /home/myuser

Login with the new user using SSH

To login to the server/system from a remote location, you can ssh as follows,

# ssh myuser@ip-of-the-server password: myuser@linux ~]$

Know the Author: With a Masters Degree in Computer Science, Rakesh is a highly experienced professional in the field. With over 18 years of practical expertise, he specializes in programming languages such as Java, Python, Sharepoint, PHP, and Rust. He is dedicated to delivering high-quality solutions and providing valuable insights to meet the unique challenges of the digital landscape. rakesh@code2care.org is where you can reach him out.

We keep our articles short so the focus remains on providing effective tech solutions while promoting healthier screen habits and enhancing overall well-being. 📝 💡 🌱 By reducing screen time, we contribute to a greener future, reducing carbon emissions and fostering digital well-being. 🌍 🌿 🔋

We are celebrating the 10th years of Code2care! Thank you for all your support!

We strongly support Gender Equality & Diversity — #BlackLivesMatters

Источник

Оцените статью
Adblock
detector