Re: Question about "SCP" command

From:
Date: 05/21/02 

Date: Tue, 21 May 2002 00:49:24 GMT

"fish" <yuzuohong@online.sh.cn> wrote in message
news:aad6fd91.0205200350.514e097@posting.google.com...
> Hi all,
>
> We have more than 100 RedHat 7.2 servers running. They are all same
> IBM servers. Now it's time to change the ROOT password for them. Of
> course I don't wanna SSH to them individually to run "PASSWD".
> I thought of a simple shell program. But I still have some problem on
> it. Please help me out.
> I wanna do like this--At first, I change the ROOT password for one of
> them. Then I "SCP" /etc/shadow to all the other machines so that they
> could have the same new password.
> But I don't know how to use SCP at this situation. I read the manual
> and did some test, but all failed. You know, this "SCP" command
> should run batchly without any stop or question.
> Is it possible? Please help me with this SCP command. Thank you so
> much.
>
> fish

If you need to propagate this and you haven't already put SSH keys in place
or are running NIS or LDAP, you're screwed.

If you're running NIS, you can create an alternative root user with UID 0
that can run scp or rsync to hit every remote machine.

If you already have the keys, just load up your private key into ssh-agent
and run

    for name in [ list of hostnames ]; do
        scp /etc/shadow root@$name:/etc/shadow
    done

Of course, this will break things on any server that doesn't have the same
userlist, such as if you've installed or removed web servers, apache, user
accounts, etc. on some of the machines.

Instead, consider running a littls "sed" utility to replace the root account
entry with a new encrypted password, and just edit that line with it.

Relevant Pages

  • Re: Question about "SCP" command
    ... > We have more than 100 RedHat 7.2 servers running. ... Now it's time to change the ROOT password for them. ... > But I don't know how to use SCP at this situation. ... If you need to propagate this and you haven't already put SSH keys in place ...
    (comp.os.linux.security)
  • Re: Need urgent help regarding security
    ... There is plenty of security info out there ... email from even a dozen servers is small. ... an OS version upgrade should not be taken lightly. ... Given that your root password was apparently found on the servers, ...
    (freebsd-questions)
  • Re: Enterprose Manager after user password change
    ... XP client machines with a non-Domain account. ... > registered servers when the user's network password is changed. ... Saving the keys and restoring ... > password should be written to the registry. ...
    (microsoft.public.sqlserver.security)
  • graceful ssh key management
    ... How do I have multiple ssh keys not overwrite each other, ... I have a computer that is a client to a number of different servers. ...
    (SSH)
  • OpenSSH 3.0.1p1 Solaris 2.5 - 8.0 Nightmares occuring
    ... I am having some really bad problems trying to upgrade our servers to ... having all kinds of issues with the keys. ... PS Am purchasing O'reilly's SSH book today, hopefully, it will ...
    (comp.security.ssh)