How to add a user without knowing the encrypted form of the password?

Question

I use the following command to create a user in a linux machine:

useradd -d /home/dummy -g idiots -m -p 12345689 dummy

The user is created and the home directory as well.
The problem is that I can not log-in to the system using this account since the -p expects the encrypted password returned by crypto.

Question:I want to create a user via a bash script and I don't know the encrypted password by crypto. How can I do it so that I am able to create this user automatically via a script and get arround the problem with the password?

user9517 · Accepted Answer · 2012-03-08T14:38:01.277

You can use openssl to generate pre encrypted password strings to use with the -p option to useradd

echo "P4sSw0rD" | openssl passwd -1 -stdin

$1$Jxmpx1Da$Y8MzBctIyDW8/7pFPbNWD1

The -1 says to generate a MD5 password hash. The salt is automatically generated.

You can then use

useradd -d /home/dummy -g idiots -m -p $(echo "P4sSw0rD" | openssl passwd -1 -stdin) dummy

to add the user. To do this interactively hiding the password

useradd -d /home/dummy -g idiots -m -p $(read -sp Password: pw ; echo $pw | openssl passwd -1 -stdin) dummy

score 3 · Answer 2 · edited May 23 '17 at 12:41

3

Apparently, you can use

echo "password" | passwd dummy --stdin

I've never tried this.

Alternatively, you could put the user's public key in /home/dummy/.ssh/authorized_keys and forget about passwords entirely. This is the best option security-wise.

edited May 23 '17 at 12:41

Community

1

answered Mar 08 '12 at 10:07

Ladadadada

27,207

score 3 · Answer 3 · answered Mar 08 '12 at 11:02

That`s how I do it:

# cat user-pw_list
john:p455W0rD
geany:p455W0rD


# cat CreateUsers.sh
#!/bin/bash
#
# filename: CreateUsers.sh
# usage: cat "User:passwd" | $0
#
set -e
# set -x
while read ; do
  USER=${REPLY%%:*}
  PWD=${REPLY##*:}
  # alternative for random passwd, where $RANDOM is a bash function
  #PWD=${REPLY%%:*}$RANDOM$RANDOM

  echo -e "adding User $USER "
  # for disabled users: /usr/sbin/nologin, otherwise /bin/bash
  /usr/sbin/useradd -c automaticUser -m -k/dev/null -s /usr/sbin/nologin $USER
  echo "$USER:$PWD" | chpasswd --md5 $USER

  ## also add user to samba:
  #echo -e "$PWD\n$PWD" | pdbedit -t -u $USER
done

score 2 · Answer 4 · answered Mar 08 '12 at 10:03

As you are going to use a bash script, perhaps the good old newusers command would be helpful to you? It reads its input from a text file formatted like this:

pw_name:pw_passwd:pw_uid:pw_gid:pw_gecos:pw_dir:pw_shell

And the password in that file should be clear text. You can list as many users as you wish in the input file.

For more information see man newusers.

How to add a user without knowing the encrypted form of the password?

4 Answers4

Linked