I am superadmin of a server and like to change password of an existing user . How can I do that ?
I tried
usermod -p 'new-password' johnbut it didn't worked ?
19 Answers
The usermod -p flag is expecting the data to be the password already in an encrypted format.
Use openssl passwd to generate the encrypted data, or do it like this:
usermod -p `openssl passwd` (USERNAME) 2 The reason it didn't work is because usermod's -p option expects the password to be encrypted already.
From usermod's man page:
-p, --password PASSWORD The encrypted password, as returned by crypt(3).To set a password in this way is not recommended.
Instead You should use passwd <username>. This should (as usermod) be done as root (if you're not changing the currently logged in users password).
To change the password for user foo.
sudo passwd fooThis will prompt for a new password.
Have a look at the man-page for passwd for more info on setting for example expire time.
Good Luck!
1You may use passwd:
sudo passwd USERNAME You need not sudo if you're superuser yourself
The way to assign a password with usermod (which is what the OP actually asked for) is to use a crypt() hashed password for the -p argument.
SALT="Q9"
PLAINTEXT="secret_password"
HASH=$(perl -e "print crypt(${PLAINTEXT},${SALT})")
echo "Password Hash = \"${HASH}\""Then use that in your usermod -p command line argument:
usermod -p ${HASH} john A non-interactive single line command for changing the password of a user:
sudo usermod -p `perl -e "print crypt("new-password","Q4")"` johnusermod -p requires encrypted password to work. Please note the new-password will be visible for users who can list the processes.
Something that should be added here is the following. This method:
sudo usermod -p `perl -e "print crypt("new-password","Q4")"` johnmeans that multiple very similar passwords will ALL work. For example, on Oracle Linux 7.4 server and Ubuntu 17.10 desktop consider:
sudo usermod -p `perl -e "print crypt("borkling","Q4")"` orabuntuNow if one does:
su - orabuntuyou will find that ANY password that starts with borkling will work, e.g.
borkling88
borklingjarsalthough borkline will not work which is because as stated previously any password that has "borkling" as it's prefix will also work when the password is set in this way.
A way to to this that afaik does not have this unwanted side-effect is the following:
(credit for these goes to "Sandeep" here:
)
On RedHaty Linuxes: (omit the "-G wheel" if you don't want sudo privs granted)
sudo useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -G wheel ${USERNAME}On Debiany Linuxes (omit the -G sudo if you don't want sudo privs):
sudo useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -G sudo ${USERNAME} Just type
passwdIn this way normal user can change own password without root privilege if you don't have.
We can use commands mkpasswd and usermod. This is simple and reliable.
In order to have the command mkpasswd:
apt install whoismkpasswd -m sha-512 your-secret-passwordwith the result from
mkpasswd, you can launch usermod like thisusermod -p 'the-result-from-mkpasswd' root
Check the screenshot from my testDemo on password change
#! /bin/bash
USER=$1
PASS=$2
usermod --password $(echo $PASS | openssl passwd -1 -stdin) $USER 1