How to change password using usermod?

I am superadmin of a server and like to change password of an existing user . How can I do that ?

I tried

usermod -p 'new-password' john

but it didn't worked ?

1

9 Answers

The usermod -p flag is expecting the data to be the password already in an encrypted format.

Use openssl passwd to generate the encrypted data, or do it like this:

usermod -p `openssl passwd` (USERNAME)
2

The reason it didn't work is because usermod's -p option expects the password to be encrypted already.

From usermod's man page:

 -p, --password PASSWORD The encrypted password, as returned by crypt(3).

To set a password in this way is not recommended.

Instead You should use passwd <username>. This should (as usermod) be done as root (if you're not changing the currently logged in users password).

To change the password for user foo.

sudo passwd foo

This will prompt for a new password.

Have a look at the man-page for passwd for more info on setting for example expire time.

Good Luck!

1

You may use passwd:

sudo passwd USERNAME 

You need not sudo if you're superuser yourself

3

The way to assign a password with usermod (which is what the OP actually asked for) is to use a crypt() hashed password for the -p argument.

SALT="Q9"
PLAINTEXT="secret_password"
HASH=$(perl -e "print crypt(${PLAINTEXT},${SALT})")
echo "Password Hash = \"${HASH}\""

Then use that in your usermod -p command line argument:

usermod -p ${HASH} john

A non-interactive single line command for changing the password of a user:

sudo usermod -p `perl -e "print crypt("new-password","Q4")"` john

usermod -p requires encrypted password to work. Please note the new-password will be visible for users who can list the processes.

1

Something that should be added here is the following. This method:

sudo usermod -p `perl -e "print crypt("new-password","Q4")"` john

means that multiple very similar passwords will ALL work. For example, on Oracle Linux 7.4 server and Ubuntu 17.10 desktop consider:

sudo usermod -p `perl -e "print crypt("borkling","Q4")"` orabuntu

Now if one does:

su - orabuntu

you will find that ANY password that starts with borkling will work, e.g.

borkling88
borklingjars

although borkline will not work which is because as stated previously any password that has "borkling" as it's prefix will also work when the password is set in this way.

A way to to this that afaik does not have this unwanted side-effect is the following:

(credit for these goes to "Sandeep" here:
)

On RedHaty Linuxes: (omit the "-G wheel" if you don't want sudo privs granted)

sudo useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -G wheel ${USERNAME}

On Debiany Linuxes (omit the -G sudo if you don't want sudo privs):

sudo useradd -m -p $(openssl passwd -1 ${PASSWORD}) -s /bin/bash -G sudo ${USERNAME}

Just type

passwd

In this way normal user can change own password without root privilege if you don't have.

We can use commands mkpasswd and usermod. This is simple and reliable.

  • In order to have the command mkpasswd:

    apt install whois
  • mkpasswd -m sha-512 your-secret-password
  • with the result from mkpasswd, you can launch usermod like this

    usermod -p 'the-result-from-mkpasswd' root

Check the screenshot from my testDemo on password change

#! /bin/bash
USER=$1
PASS=$2
usermod --password $(echo $PASS | openssl passwd -1 -stdin) $USER
1

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like