Commit | Line | Data |
---|---|---|
920dae64 AT |
1 | .TH PASSMASS 1 "7 October 1993" |
2 | .SH NAME | |
3 | passmass \- change password on multiple machines | |
4 | .SH SYNOPSIS | |
5 | .B passmass | |
6 | [ | |
7 | .I host1 host2 host3 ... | |
8 | ] | |
9 | .SH INTRODUCTION | |
10 | .B Passmass | |
11 | changes a password on multiple machines. If you have accounts on | |
12 | several machines that do not share password databases, Passmass can | |
13 | help you keep them all in sync. This, in turn, will make it easier to | |
14 | change them more frequently. | |
15 | ||
16 | When Passmass runs, it asks you for the old and new passwords. | |
17 | (If you are changing root passwords and have equivalencing, the old | |
18 | password is not used and may be omitted.) | |
19 | ||
20 | Passmass understands the "usual" conventions. Additional arguments | |
21 | may be used for tuning. They affect all hosts which follow until | |
22 | another argument overrides it. For example, if you are known as | |
23 | "libes" on host1 and host2, but "don" on host3, you would say: | |
24 | ||
25 | passmass host1 host2 -user don host3 | |
26 | ||
27 | Arguments are: | |
28 | .RS | |
29 | .TP 4 | |
30 | -user | |
31 | User whose password will be changed. By default, the current user is used. | |
32 | ||
33 | .TP 4 | |
34 | -rlogin | |
35 | Use rlogin to access host. (default) | |
36 | ||
37 | .TP 4 | |
38 | -slogin | |
39 | Use slogin to access host. | |
40 | ||
41 | .TP 4 | |
42 | -ssh | |
43 | Use slogin to access host. | |
44 | ||
45 | .TP 4 | |
46 | -telnet | |
47 | Use telnet to access host. | |
48 | ||
49 | .TP 4 | |
50 | -program | |
51 | ||
52 | Next argument is a program to run to set the password. Default is | |
53 | "passwd". Other common choices are "yppasswd" and "set passwd" (e.g., | |
54 | VMS hosts). A program name such as "password fred" can be used to | |
55 | create entries for new accounts (when run as root). | |
56 | ||
57 | .TP 4 | |
58 | -prompt | |
59 | Next argument is a prompt suffix pattern. This allows | |
60 | the script to know when the shell is prompting. The default is | |
61 | "# " for root and "% " for non-root accounts. | |
62 | ||
63 | .TP 4 | |
64 | -timeout | |
65 | Next argument is the number of seconds to wait for responses. | |
66 | Default is 30 but some systems can be much slower logging in. | |
67 | ||
68 | .TP 4 | |
69 | -su | |
70 | ||
71 | Next argument is 1 or 0. If 1, you are additionally prompted for a | |
72 | root password which is used to su after logging in. root's password | |
73 | is changed rather than the user's. This is useful for hosts which | |
74 | do not allow root to log in. | |
75 | ||
76 | .SH HOW TO USE | |
77 | The best way to run Passmass is to put the command in a one-line shell | |
78 | script or alias. Whenever you get a new account on a new machine, add | |
79 | the appropriate arguments to the command. Then run it whenever you | |
80 | want to change your passwords on all the hosts. | |
81 | ||
82 | .SH CAVEATS | |
83 | ||
84 | Using the same password on multiple hosts carries risks. In | |
85 | particular, if the password can be stolen, then all of your accounts | |
86 | are at risk. Thus, you should not use Passmass in situations where | |
87 | your password is visible, such as across a network which hackers are | |
88 | known to eavesdrop. | |
89 | ||
90 | On the other hand, if you have enough accounts with different | |
91 | passwords, you may end up writing them down somewhere - and | |
92 | .I that | |
93 | can be a security problem. Funny story: my college roommate had an | |
94 | 11"x13" piece of paper on which he had listed accounts and passwords | |
95 | all across the Internet. This was several years worth of careful work | |
96 | and he carried it with him everywhere he went. | |
97 | Well one day, he forgot to remove it from his jeans, and we found a | |
98 | perfectly blank sheet of paper when we took out the wash the following | |
99 | day! | |
100 | .SH SEE ALSO | |
101 | .I | |
102 | "Exploring Expect: A Tcl-Based Toolkit for Automating Interactive Programs" | |
103 | \fRby Don Libes, | |
104 | O'Reilly and Associates, January 1995. | |
105 | .SH AUTHOR | |
106 | Don Libes, National Institute of Standards and Technology |