Sysadmin/password security

From Earlham CS Department
Revision as of 11:57, 19 April 2018 by Anschwa (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Password Security Tools

Here are some utilities for cleaning up accounts with weak passwords. They are located at sysadmin@home.cs.earlham.edu:~/hardshell

The workflow is as follows 

$ ./get_users.sh > users.txt
$ nohup ./check_users.sh &  # this may take a few minutes

$ ./bad_eggs.sh nohup.out   # send mail to vulnerable <user>@earlham.edu
                            # and output them to stdout

There is also a check_and_change.sh script that if given a list of users, it will try to login using the default passwords and if successful, it will generate a random one and change it immediately.

Retrieved from "https://wiki.cs.earlham.edu/index.php?title=Sysadmin/password_security&oldid=16509"