- How to force change linux password even if similar as previous
- 5 Answers 5
- Not changing root password in Centos 7 [closed]
- 1 Answer 1
- Related
- Hot Network Questions
- Changing a user’s password within a script doesn’t work [duplicate]
- Can’t change root password, passwd doesn’t do anything
- 1 Answer 1
- passwd command not changing the current user password
- 2 Answers 2
- You must log in to answer this question.
- Related
- Hot Network Questions
- Subscribe to RSS
How to force change linux password even if similar as previous
I am trying to change my current password in Red Hat Enterprise Linux Server release 5.10 (Tikanga) but it says my new password is too similar. Is there any way to force change ?
$ passwd Changing password for user XY Changing password for XY (current) UNIX password: New UNIX password: BAD PASSWORD: is too similar to the old one New UNIX password:
I did not want to change to same password. let say I have Bilbo1 and I want to change to Bilbo2, I get message above: «BAD PASSWORD: is too similar to the old one». SO I am not changing to same password
If you had bothered to read the answers to that question, you’d have realized why you’re in the same position and how to resolve your problem.
@darnir, duplicates are when the question is already asked in same SO site. This one can not be a duplicate 🙂
5 Answers 5
If you can run the command as root, you can force the change to be accepted.
$ sudo passwd myusername Changing password for user myusername. New password: Retype new password: passwd: all authentication tokens updated successfully.
If the user had super user access, they might as well change whatever settings enables these silly password restrictions. Since they are not asking about this, I’m assuming they do not have root access.
- change twice, e.g. old passwd is Bilbo1,
- change to Frodo1 (from Bilbo1),
- then change to Bilbo2 (from Frodo1).
- on the first change, Linux can only compare clear text Bilbo1 and Frodo1,
- on second Linux can only compare Frodo1 and Bilbo2 (and all the crypted passwd, you can’t revert to Bilbo1(*)).
- This suppose you can change twice, which may have been disable by your system admin, to prevent such work arround.
Needless to say, do not use such a silly password.
(*) On second tought, I am not sure about this point in Linux.
I did not want to change to same password. let say I have Bilbo1 and I want to change to Bilbo2, I get message above: «BAD PASSWORD: is too similar to the old one». SO I am not changing to same password
well, while trying change from Frodo1 to Bilbo2 I got message that: «You must wait longer to change your password» LOL
that was my third point. my favourite password pattern is Bilbo00 / Frodo00 with 00 the current month.
On CentOS, you can also use the -f option to force the password change.
$ passwd -f username Changing password for user username. New password: Retype new password:
Since passwd uses PAM, you would have to modify the file: /etc/pam.d/common-password on Debian based systems like Ubuntu, or /etc/pam.d/system-auth on RedHat based systems.
The other answers solve the problem for most users. However, if you’re an admin using a Linux system with PAM, and want this policy removed for all users to change their password without needing to use sudo or root, then this needs to be changed in the PAM settings.
I don’t know about RHEL, but on Ubuntu, you can edit /etc/pam.d/common-password. There should be a line somewhere like this
password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512
The obscure keyword tells PAM to do a series of checks that compares the new password to the old password, and makes sure that the new password is different enough from the old one in the following ways
- The new password is not a palindrome of the old one
- The new password isn’t just a case change of the old one
- The new password isn’t too much like the previous one (the issue here)
- The password isn’t too simple
- The password isn’t just a rotated version of the old one
More information can be found in man pam_unix
Removing this keyword and refreshing PAM would mean that the checks will not be done anymore. However, keep in mind that this may encourage bad passwords to be used and may affect the security of your system.
Try:
sudo busybox passwd XY
(XY is your user name)I have used the root privilege to set a weak password for a normal user, with a warning, but it worked in the end.
But I tried again recently and it failed.
My final solution is to use busybox’s internal passwd program, which is a different program, and it works.My system is gentoo, and after checking, the default passwd is from sys-apps/shadow-4.8.1-r2.
duke@duke-pc ~ $ sudo passwd duke You can now choose the new password or passphrase. A good password should be a mix of upper and lower case letters, digits, and other characters. You can use a password that consists of 8 characters. A passphrase should be of at least 3 words, 8 to 40 characters long, and contain enough different characters. Alternatively, if no one else can see your terminal now, you can pick this as your password: "sleep=Medal2brim". Enter new password: Weak password: too short. Try again. (. ) You can now choose the new password or passphrase. A good password should be a mix of upper and lower case letters, digits, and other characters. You can use a password that consists of 8 characters. A passphrase should be of at least 3 words, 8 to 40 characters long, and contain enough different characters. Alternatively, if no one else can see your terminal now, you can pick this as your password: "Freeze+six7nazi". Enter new password: Weak password: based on a dictionary word and not a passphrase. passwd: Authentication token manipulation error passwd: password unchanged duke@duke-pc ~ $ duke@duke-pc ~ $ sudo busybox passwd duke Changing password for duke New password: Bad password: too weak Retype password: passwd: password for duke changed by root duke@duke-pc ~ $
Not changing root password in Centos 7 [closed]
I have a CentOS 7 server and I couldn’t log in to it because I forgot the root password. So I changed this password, but still did not work when I tried to log in using this new one. I’m using HP proliant d380 g7 with CentOS 7.
You can’t log in, but you can change the password? What exactly is it that you’re doing? What results and what did you expect to result instead?
1 Answer 1
Try reset the root password using the grub command line :
- Press e in the grub menu in order to edit the boot command.
- Update the line start with linux16 and replace the option ro with rw init=/sysroot/bin/sh
- Press Control+x to start on single user mode
- After the boot you are logged in as root. Type chroot /sysroot to mount the root file system.
- Update the root password with passwd command and type the new root password. I suggest to set a very easy password.
- Run the command touch /.autorelabel to update the SELinux.
- Then type exit and finally reboot the system with reboot .
After the reboot you are able to login as root with the password set in the step 5.
Related
Hot Network Questions
Site design / logo © 2023 Stack Exchange Inc; user contributions licensed under CC BY-SA . rev 2023.7.13.43531
Linux is a registered trademark of Linus Torvalds. UNIX is a registered trademark of The Open Group.
This site is not affiliated with Linus Torvalds or The Open Group in any way.By clicking “Accept all cookies”, you agree Stack Exchange can store cookies on your device and disclose information in accordance with our Cookie Policy.
Changing a user’s password within a script doesn’t work [duplicate]
For reasons I want to change a user’s password to a random one every X minutes using a script. It’s a debian machine, the following script is started via @reboot in root’s crontab and the script is running. Every X minutes the new password is written to the file specified in the script, however, the password is never changed.
#!/bin/bash # change user's password to a random one on boot and every five minutes while : ; do npasswd=$(pwgen 8 1) echo "$npasswd" > /root/current-user-passwd.txt usermod --password $(openssl passwd -1 "$npasswd") user # echo "$npasswd" | passwd user # usermod -p $(perl -e "print crypt("$npasswd","Q4")") user sleep 300 done
I have tried each of the three methods (the other two being commented out now), none work. However, when I copy the entire script and just paste it in a terminal to run it, it works perfectly fine. It just doesn’t work in a script if it’s started by cron. Does anyone know what is going on here?
I’ve also tried echo -n by the way, same results. I’ve also tried to set $npasswd in the script to something fixed, just to test it, same results. Just to clearify: I’m really looking for an answer that explains why this is working manually, but not in a script, not for an alternative way to change the password. Those methods do work, just not if the script is started by cron. Output of the script with set -o errexit -o nounset -o xtrace on top:+ : ++ pwgen 8 1 + npasswd=eiZeed5u + echo eiZeed5u ++ openssl passwd -1 eiZeed5u + usermod --password '$1$EYRCYJXm$5XkrVNxdrYRzxBmcRwuXm0' user + sleep 300
+ : + pwgen 8 1 + npasswd=aizof5Ka + echo aizof5Ka + openssl passwd -1 aizof5Ka + usermod --password $1$KFrgibYH$e1dMUeF2AzTtSPExBjbXo1 user /root/change-user-passwd.sh: 8: /root/change-user-passwd.sh: usermod: not found
Can’t change root password, passwd doesn’t do anything
I just got a dedicated server with ubuntu 14.04 on it. I haven’t received root details in my server info email, but instead for a different user. So I wanted root access and tried to change the password. I tried:
And I entered my new root password, but when I try to login as root I still get denied access. If anybody can help me it would be greatly appreciated. Thanks.
Check the output of sudo getent shadow root | cut -d: -f2 ..does it start with $ or something else like ! . DON’T POST THE OUTPUT HERE..
It’s probably because you are trying to log in as root via ssh using the password, and that is disabled for security reasons — just don’t do it. Either stick to sudo or — if you really must log in directly as root — set up key-based authentication.
1 Answer 1
By default in Ubuntu the /etc/ssh/sshd_config file of the openssh-server has the following line:
PermitRootLogin without-password
this prevents to login into the ssh-server as root using password which is for security reasons, you can use key based authentication (and any other not using password) mechanism to login as root directly.
- First the bad option, avoid this one. Make the line of /etc/ssh/sshd_config as:
su - root ## Will need root's password.
sudo su - ## Will need calling user's password. The calling user needs to be able to use sudo.
passwd command not changing the current user password
I have tried with command: $ passwd It is asking new password and give success message but when I try to login with new password after restart the system. It work with old password. New password not changed! Any idea.
Are you sure you are typing in passwd ? Because if you are using sudo passwd you are changing the root user password.
What kemotep said. If it’s not asking you to confirm your existing password (which you don’t mention anything about), we will have to assume that you are indeed using sudo passwd , which will change the root user’s password (without having to confirm the old password), not the password of the current user.
2 Answers 2
In my case, I changed passwords successfully, but a new password for didn’t work for logging in or using sudo .
Turned out I had two passwd tools, for whatever reason. One at /usr/local/bin/passwd and another at /usr/bin/passwd . Using the latter solved the issue.
You can run type -a passwd to see it.
Did you use sudo ? If so, you might have changed your root password, not your user password.
To change your root password:
To change your user password:
EDIT: A reviewer suggested that changing the user password should be simply:
However, this didn’t work on the system I was using.
You must log in to answer this question.
Related
Hot Network Questions
Subscribe to RSS
To subscribe to this RSS feed, copy and paste this URL into your RSS reader.
Site design / logo © 2023 Stack Exchange Inc; user contributions licensed under CC BY-SA . rev 2023.7.13.43531
Linux is a registered trademark of Linus Torvalds. UNIX is a registered trademark of The Open Group.
This site is not affiliated with Linus Torvalds or The Open Group in any way.By clicking “Accept all cookies”, you agree Stack Exchange can store cookies on your device and disclose information in accordance with our Cookie Policy.