Difference between revisions of "Sysadmin/password security"
Jump to navigation
Jump to search
(Created page with "= Password Security Tools = Here are some utilities for cleaning up accounts with weak passwords.") |
|||
| (One intermediate revision by the same user not shown) | |||
| Line 2: | Line 2: | ||
Here are some utilities for cleaning up accounts with weak passwords. | Here are some utilities for cleaning up accounts with weak passwords. | ||
| + | They are located at <code>sysadmin@home.cs.earlham.edu:~/hardshell</code> | ||
| + | |||
| + | The workflow is as follows | ||
| + | <pre> | ||
| + | $ ./get_users.sh > users.txt | ||
| + | $ nohup ./check_users.sh & # this may take a few minutes | ||
| + | |||
| + | $ ./bad_eggs.sh nohup.out # send mail to vulnerable <user>@earlham.edu | ||
| + | # and output them to stdout | ||
| + | </pre> | ||
| + | |||
| + | There is also a <code>check_and_change.sh</code> script that if given a list of users, it will try to login using the default passwords and if successful, it will generate a random one and change it immediately. | ||
Latest revision as of 10:57, 19 April 2018
Password Security Tools
Here are some utilities for cleaning up accounts with weak passwords.
They are located at sysadmin@home.cs.earlham.edu:~/hardshell
The workflow is as follows
$ ./get_users.sh > users.txt
$ nohup ./check_users.sh & # this may take a few minutes
$ ./bad_eggs.sh nohup.out # send mail to vulnerable <user>@earlham.edu
# and output them to stdout
There is also a check_and_change.sh script that if given a list of users, it will try to login using the default passwords and if successful, it will generate a random one and change it immediately.
