How to migrate the password of a user to another server?
Solution 1
I found chpasswd
tool. With -e
it accepts a list of users with their encrypted passwords to set. It's just what I've been looking for.
Solution 2
Since there are few enough accounts for you to migrate manually I think lifting the hashes by hand is the way to go. That's how I'd do it atleast.
Solution 3
Well, you wouldn't need to do it by hand. Just use lastlog
to get the list of users who have logged on at least once in, for example, the past year and then grep
them in /etc/shadow
:
lastlog -t 365 | gawk '{print $1}' | tail -n +2 | while read n; do \
grep -w $n /etc/shadow; done
You could also automate the user creation on the new server as described in my answer here.
Related videos on Youtube
Petr
Updated on September 18, 2022Comments
-
Petr over 1 year
I'm migrating users from an old server to a new one. It's only a few users, we want to migrate only the active ones and reorganize groups in the process, so I'm doing it manually. One problem remains: How can I migrate their passwords to the new server? Is there a better way than copying password hashes from
/etc/shadow
by hand? -
Petr over 11 yearsTBH I'm not sure, and my first experiments aren't very successful. But I don't know any other way how to do it.
-
cpast over 11 yearsCopying shadow lines does work; I did it not too long ago during a server move with lots of users. It broke a few users, but almost all still worked.
-
Drux almost 7 yearsCan you please elaborate on how lifting hashes by hand. I assume this means copying hashed passwords, i.e. items between second and third colons in lines for eligible users, from /etc/shadow on source system and pasting them into corresponding lines on target system. Right?
-
azzid almost 7 years@Drux Right. Just copy the appropriate lines from /etc/shadow. Or if the user has a line in the target file, just copy the password hash. It's the only field that looks like gibberish. ;-)