[xen-tools-discuss] Re: change password on creation

[Jeff Forcier]

I made a Python role script called 'users' which, as far as the below
is concerned, generates random passwords with the 'pwgen' command line
app, then executes 'adduser' and 'passwd' in the under-creation VM's
chroot. It then calls 'passwd -e' (on Debian; RedHat's version of
passwd seems to lack this option) to force users to change their
password after first login.

It looks at the role-args argument for a comma-separated list of
usernames, so if I did e.g.

    $ xen-create-image --hostname blah --roles foo,bar,users
--role-args jdoe,jsmith

it would create users 'jdoe' and 'jsmith' on the VM, each with a
unique secure password, and when those users first connect they'll be
forced to change the password to something of their choosing. Users
get to pick their own password + a secure temp password to prevent any
sort of bruteforce attack if users never log in or don't log in for a
long time.

Hope that gives you some ideas; it's not 100% clear from your wording
if this is the sort of answer you're looking for :)

-Jeff

On Thu, Mar 6, 2008 at 2:06 PM, Christian Kortenhorst <namit at namit.org> wrote:
> Hey
>  Just wondering what is the best way to do this, i am creating 15
>  environments and want to change password to a value that pass for each
>  environment.
>  Can anyone help me in best way to do this?
>  Or even if i can set default password to all of them and let users change it
>  whenever they ssh first time in.
>
>  Thanks
>
>  --
>  Christian Kortenhorst
>  +353-(0)87-6183349
>  +353-(0)1-4966287
>
>
>
>