Sean Carolan
2010-Jan-28 13:20 UTC
[CentOS] /usr/sbin/usermod -p doesn't update MAX_DAYS - workaround?
I have a large group of Linux servers that I inherited from a previous administrator. Unfortunately there is no single sign-on configured so each server has it's own local accounts with local authentication. Normally I use ssh keys and a handy shell script to change passwords on all these machines with the usermod -p command. We are able to update the password on on one server and push the encrypted password out to all the others. If, however, we turn on password aging with "chage -M 90 username" then try to update passwords with usermod, the aging info for the account is not updated even though the password has been changed. Apparently this must be done manually for each and every server with the passwd command. This is not practical. In the long run we're going to try and get some kind of centralized authentication, but in the meantime does anyone have an idea for a workaround? Thanks Sean
Mogens Kjaer
2010-Jan-28 13:43 UTC
[CentOS] /usr/sbin/usermod -p doesn't update MAX_DAYS - workaround?
On 01/28/2010 02:20 PM, Sean Carolan wrote: ...> In the long run we're going to try and get some kind of centralized > authentication, but in the meantime does anyone have an idea for a > workaround?If your script change passwords via ssh and usermod, why not at the same time do a chage -d number username? Mogens -- Mogens Kjaer, Carlsberg A/S, Computer Department Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark Phone: +45 33 27 53 25, Mobile: +45 22 12 53 25 Email: mk at crc.dk Homepage: http://www.crc.dk