Is there a way to change password remotely by running a script?

is there a way to change password remotely by running a script ?
or just 1 command like ssh@$ip 'passwd etc'

Do you have a really good use case? You’re root by default. Just ssh root@ip and change the password or do it in the GUI.

Better yet, use public key authentication.

1 Like

You can manipulate the /etc/shadow directly (with something like sed for example) or you can craft input to passwd command (which was covered in wiki a while back if memory serves me).

1 Like


maybe this ?

( echo "$PASS"; sleep 1; echo "$PASS" )|/bin/passwd
1 Like

i tried this script

echo $pa
ssh  root@ '( echo "$pa"; sleep 1; echo "$pa" )|/bin/passwd'


root@my:~# /root/configurater/

root@'s password:
Changing password for root
New password:
Bad password: too short
Retype password:
passwd: password for root changed by root

But it makes password on remote host empty

i need it in script, if there is no way to do it automatically my script will do it manually at the begining

Usually such things are done in scripts using expect - it doesn't need to be available on the router, just the host running the script. It's a little hard to search online, but found this ready-made script on GitHub:

Edit: that one does a bit too much, here's a simple one:

Edit 2: I've debugged your script, please see my latter reply

that is a way i using it on my dumb AP fleet

every AP has passwd entry set in /etc/config/system when flashing,
then rc.local will change root password on startup according to /etc/config/system/passwd entry

fi get it right, this is called script :slight_smile:

1 Like

Your script sets pa on your local computer, but the single quotes in ssh root@ '( echo "$pa"; sleep 1; echo "$pa" )|/bin/passwd' prevent the variable substitution from happening - the password is set to the empty string because the variable is substituted by the router's shell, where pa is not set and thus returns the empty string. There are ways to fix this, the simplest would be

ssh root@ '( echo "'"$pa"'"; sleep 1; echo "'"$pa"'" )|/bin/passwd' - this way the router's shell sees and executes ( echo "32324332fdsf3FFFfsfs343"; sleep 1; echo "32324332fdsf3FFFfsfs343" )|/bin/passwd - you can verify this by adding echo to the beginning of the line:

$ pa=32324332fdsf3FFFfsfs343
$ echo ssh root@ '( echo "'"$pa"'"; sleep 1; echo "'"$pa"'" )|/bin/passwd'
ssh root@ ( echo "32324332fdsf3FFFfsfs343"; sleep 1; echo "32324332fdsf3FFFfsfs343" )|/bin/passwd

Older LuCI versions used to do it this way:

Converted to your style:
(echo "$pa"; sleep 1; echo "$pa") | passwd root >/dev/null 2>&1

Possibly the output redirect >/dev/null 2>&1 is needed.


No, it's the quotation that's the problem - see my earlier reply. The output redirect only makes the process quiet.


This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.