Hello -
I want to reset user password in multiple server via root ID. I have passwordless authentication for root between all the servers.
I an use loop to reset the password. I am using below command in loop
echo mypassword | passwd username --stdin
However, if anyone sees history - he can see the password ?
Anyway - I can set a encrypted password ?So, that noone can see it in history
You could always delete the history file or munge the instance of the password to something else ( sed is your friend)
Try this instead so the password is not logged to the history.
passwd --stdin username</tmp/secret
I assume this is obvious, but if you do it this way, be sure that the permissions on /tmp/secret only allow read and write access to the file's owner and be sure that the file's owner is root.
Good point Don. A better location would be one that only root can access like /root assuming the permissions are restrictive 700. Feeding encrypted passwords to a command like chpasswd(8) would also be better. That way there are no plain text passwords on the target servers.
Before you leave the session you can tell Bash to not save the history for that session:
unset HISTFILE && exit