I am trying to mass set a few user account passwords using chpasswd
. The passwords should be generated randomly and printed to stdout
(I need to write them down or put them in a password store), and also passed into chpasswd
.
Naively, I would do this like this
{
echo student1:$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo '')
echo student2:$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13 ; echo '')
} | tee >(chpasswd)
However I worry about passing the new password as a commandline argument to echo
, because arguments are usually visible to other users in ps -aux
(although I never saw any echo
line appear in ps
).
Is there an alternative way of prepending a value to my returned password, and then passing it into chpasswd
?
Best Answer
Your code should be safe as
echo
won't show up in the process table since it's a shell built-in.Here's an alternative solution:
This creates your student names and passwords,
n
of them, without passing any passwords on any command line of any command.The
paste
utility glues together several files as columns and inserts a delimiter in-between them. Here, we use:
as the delimiter and give it two "files" (process substitutions). The first one contains the output of aseq
command that creates 20 student usernames, and the second contains the output of a pipeline that creates 20 random strings of length 13.If you have a file with usernames already generated:
These will save the passwords and usernames to the file
secret.txt
instead of showing the generated passwords in the terminal.