mass reset passsword - server and users

Submitted by sgrayban on Wed, 04/17/2013 - 23:51

is there a way mass reset all passwords when something goes wrong ?

Status: 
Active

Comments

Submitted by JamieCameron on Thu, 04/18/2013 - 00:27

Do you mean reset all domains to some fixed password, or to the passwords they were originally created with?

Submitted by sgrayban on Thu, 04/18/2013 - 17:16

A random password because I am seeing alot of my clients web clients are using dictionary passwords and I want to simply change en-mass all passwords including email passwords.

Submitted by JamieCameron on Thu, 04/18/2013 - 19:52

You could reset all domains with a shell script like :

for dom in \`virtualmin list-domains --name-only --toplevel\`; do
  virtualmin modify-domain --domain $dom --pass XXX
done

where XXX is the password you want to set. This will apply to all domain owners, not mailboxes.

Submitted by sgrayban on Wed, 04/24/2013 - 00:54

Is it possible for user accounts ?

Submitted by andreychek on Wed, 04/24/2013 - 08:44

You can reset the passwords for all accounts in your Virtual Servers -- including email, FTP, and database accounts -- by using the "virtualmin list-users" command line option, and looping over that output.

That would look something like this:

for dom in \`virtualmin list-domains --name-only\`; do
      for user in \`virtualmin list-users --domain $dom --name-only\`; do
            virtualmin modify-user --user $user --domain $dom --pass XXX
      done
done

Submitted by sebastianmorsony on Fri, 05/03/2013 - 11:00 Pro Licensee

Could this be a generated password, that was logged to a file at the same time? I have the same issue, and want to force new and stronger passwords for all users.

Submitted by sgrayban on Tue, 05/07/2013 - 03:18

What would be nice a javascript button that will generate a strong password or at the very least a password strength meter. Something like what Wordpress uses.

And a check mark that will prevent dictionary/easy passwords.

Submitted by sebastianmorsony on Sat, 08/10/2013 - 10:12 Pro Licensee

Hi again

Never got this fixed, and we keep getting "hacked" by password guessing.

Can I use the virtualmin tool to find users that use a specific password, and change that to let say first 3 letters from domainname plus something generated?

I can see the passwords for all my virtualservers when clicking show password, and you have a password generator. A script that could use these 2 things, so I could find all passwords based on the show password output.

Thanks Sebastian

Submitted by JamieCameron on Sat, 08/10/2013 - 13:47

You could script this using the Virtualmin command line API - see http://www.virtualmin.com/documentation/developer/cli

Also, it is possible to control the password strength required for domains and mailboxes, at Webmin -> System -> Users and Groups -> Module Config -> Password restrictions.

Submitted by sebastianmorsony on Sat, 08/10/2013 - 14:02 Pro Licensee

Hi Jamie

I've been looking at the CLI, but haven't found any way to get the virtuel server owners password, so I could check for the weak passwords. Could you point me to the command for that? And the password generator function, that I can use in Virtualmin. Hope that is accessible from CLI as well.

Thanks Sebastian

Submitted by JamieCameron on Sat, 08/10/2013 - 20:10

You could get it with the command :

virtualmin list-domains --domain example.com --multiline | grep Password

Submitted by sebastianmorsony on Mon, 08/12/2013 - 07:42 Pro Licensee

Just what I was looking for. Thanks

I will now try to make a Shell script, that findes domains that uses a specific password, and generate a new one. :)

Submitted by sebastianmorsony on Mon, 08/26/2013 - 06:47 Pro Licensee

This is the script, that ended up coding. Not the best looking code, but it works. :-)

for dom in virtualmin list-domains --name-only --toplevel; do

GetPassword=virtualmin list-domains --domain $dom --multiline | grep 'Password:' | awk '{print $2}'; GeneratePassword=date | md5sum | fold -w 8 | head -n 1;

if [ "$GetPassword" == "unsafepassword" ] then virtualmin modify-domain --domain $dom --pass $GeneratePassword else echo "False $GetPassword $GeneratePassword $GetUser $dom"

fi done