How to migrate the password of a user to another server?

linux debian passwords user-management

12,578

Solution 1

I found chpasswd tool. With -e it accepts a list of users with their encrypted passwords to set. It's just what I've been looking for.

Solution 2

Since there are few enough accounts for you to migrate manually I think lifting the hashes by hand is the way to go. That's how I'd do it atleast.

Solution 3

Well, you wouldn't need to do it by hand. Just use lastlog to get the list of users who have logged on at least once in, for example, the past year and then grep them in /etc/shadow:

  lastlog -t 365 | gawk '{print $1}' | tail -n +2 | while read n; do \
   grep -w $n /etc/shadow; done

You could also automate the user creation on the new server as described in my answer here.

12,578

Petr

Updated on September 18, 2022

Comments

Petr over 1 year

I'm migrating users from an old server to a new one. It's only a few users, we want to migrate only the active ones and reorganize groups in the process, so I'm doing it manually. One problem remains: How can I migrate their passwords to the new server? Is there a better way than copying password hashes from /etc/shadow by hand?
Petr over 11 years

TBH I'm not sure, and my first experiments aren't very successful. But I don't know any other way how to do it.
cpast over 11 years

Copying shadow lines does work; I did it not too long ago during a server move with lots of users. It broke a few users, but almost all still worked.
Drux almost 7 years

Can you please elaborate on how lifting hashes by hand. I assume this means copying hashed passwords, i.e. items between second and third colons in lines for eligible users, from /etc/shadow on source system and pasting them into corresponding lines on target system. Right?
azzid almost 7 years

@Drux Right. Just copy the appropriate lines from /etc/shadow. Or if the user has a line in the target file, just copy the password hash. It's the only field that looks like gibberish. ;-)