???????? 通常會有多臺服務器需要同時修改密碼，此時可不必一臺一臺去操作，可以借用expect工具實現批量密碼修改工作。涉及到四個文件，ip地址列表文件（iplist.txt）,遠程密碼修改腳本(password.sh),復制時調用密碼腳本scp.exp,密碼修改主程序(chpasswd.sh)，需將四個文件放置在/root目錄下，如果放在其它目錄，需修改腳本中對應的路徑

在執行腳本的機器上安裝expect,使用rpm包安裝時需要依賴tcl包，也可使用yum安裝，使用mkpasswd生成密碼，一次生成一次，可多次運行。

#mkpasswd?-l?16?-s?3?????#-l指定密碼為16位，-s指定特殊字符為3 *Vdmz{u(2uF8jvnz

2.本地生成公鑰和私鑰

[root@localhost~]#?ssh-keygen?-t?rsa Generatingpublic/private?rsa?key?pair. Enterfile?in?which?to?save?the?key?(/root/.ssh/id_rsa): Enterpassphrase?(empty?for?no?passphrase): Entersame?passphrase?again: Youridentification?has?been?saved?in?/root/.ssh/id_rsa. Yourpublic?key?has?been?saved?in?/root/.ssh/id_rsa.pub. The?keyfingerprint?is: 04:60:67:87:bb:5f:bc:2a:27:14:eb:90:c5:9c:54:46root@localhost.localdomain The?key'srandomart?p_w_picpath?is: +--[?RSA2048]----+ |????o.++E???????| |???.?oo+????????| |?????+?o.???????| |??????B.????????| |?????o?+S.??????| |????o?+??o??????| |?????+?.?.?.????| |??????+?o?.?????| |???????+..??????| +-----------------+

3.定義修改密碼的腳本password.sh,這個腳本是需要在遠程機器上執行的，設置權限為700，此腳本中可定義一次性修改多個用戶的密碼，這里設置了root和guest，這里的密碼是由密碼生成工具mkpasswd生成的，需要記住此密碼，腳本執行成功后，遠程機器上即會自動修改成此密碼。

#!/bin/bash#detectthe?current?user?is?root?or?not if?[?$UID-ne?0?];thenecho?"only?root?can?run?thisscript"exit?3 fiecho"*Vdmz{u(2uF8jvnz"?|?passwd?--stdin?root if?`id?-uguest?>/dev/null?2>&1`;thenecho?"guest?is?already?exist"echo?"wifxg4hgla9ID@:?"?|passwd?--stdin?guestecho?"old?guest's?passwordchanged?successful" elseuseradd?guestecho?"user?guest?addedsuccessful"echo?"wifxg4hgla9ID@:?"?|passwd?--stdin?guestecho?"guest's?password?changedsucessful" fi

4.定義要修改的機器的列表iplist.txt,每行一個IP

192.168.18.131 192.168.18.132

5.自動輸入密碼并自動scp復制的腳本scp.exp,調用此腳本時，需指定源文件和目標文件兩個參數。此腳本中的redhat為要修改機器的root原始密碼，可在此處修改，要修改的多臺機器原來必須是同樣的root密碼，否則無法完成一次性批量修改。

#!/usr/bin/expect settimeout?20if?{[llength?$argv]?<?2}?{puts?"Usage:"puts?"$argv0?local_fileremote_path"exit?1 }setlocal_file?[lindex?$argv?0] setremote_path?[lindex?$argv?1] setpasswd?redhat?setpasswderror?0spawn?scp$local_file?$remote_pathexpect?{"*assword:*"?{if?{?$passwderror?==?1?}?{puts?"passwd?is?error"exit?2}set?timeout?1000set?passwderror?1send?"$passwd\r"exp_continue}"*es/no)?*"?{send?"yes\r"exp_continue}timeout?{puts?"connect?is?timeout"exit?3} }

6.提供密碼修改主程序chpass.sh ?

修改密碼主程序chpass.sh，先將公鑰id_rsa.pub和修改密碼腳本password.sh上傳至目標服務器上，執行修改密碼腳本password.sh,執行完成后，刪除password.sh

#!/bin/bash#changepassword?for?production?system #added?bysunny?20160112 #mail:francis198@163.com#detectthe?current?user?is?root?or?not if?[?$UID-ne?0?];thenecho?"only?root?can?run?thisscript"exit?3 fi #define?aip?address?list IPLIST=/root/iplist.txtfor?i?in`cat?$IPLIST`do/root/scp.exp?/root/.ssh/id_rsa.pubroot@$i:/root/.ssh/authorized_keys/root/scp.exp?/root/password.shroot@$i:/root/password.shssh?$i?'/root/password.sh?&&?rm-f?/root/password.sh'done

7.執行修改密碼腳本完成密碼修改

執行過程中開啟日志log功能，后續查看實施日志，對比修改狀態

#?./chpass.sh spawn?scp/root/.ssh/id_rsa.pub?root@192.168.18.131:/root/.ssh/authorized_keys Theauthenticity?of?host?'192.168.18.131?(192.168.18.131)'?can't?be?established. RSA?keyfingerprint?is?d6:7b:b0:d8:2b:5f:90:9a:b4:97:c9:1f:dc:f7:44:8b. Are?yousure?you?want?to?continue?connecting?(yes/no)??yes Warning:Permanently?added?'192.168.18.131'?(RSA)?to?the?list?of?known?hosts. root@192.168.18.131'spassword: id_rsa.pub??????????????????????????????????????????????????????????100%??396????0.4KB/s???00:00??? spawn?scp/root/password.sh?root@192.168.18.131:/root/password.sh password.sh????????????????????????????????????????????????????????100%??426?????0.4KB/s??00:00??? Changingpassword?for?user?root. passwd:all?authentication?tokens?updated?successfully. guest?isalready?exist Changingpassword?for?user?guest. passwd:all?authentication?tokens?updated?successfully. oldguest's?password?changed?successful

8.檢查日志，過濾后查看密碼修改狀況

轉載于:https://blog.51cto.com/francis198/1734901

總結

以上是生活随笔為你收集整理的自动批量修改linux用户密码的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。