pwgen和mkpasswd都有自己动生成密码文件的功能。而且mkpasswd可以自动更改密码到指定用户。两者的区别如下:

1、pwgen的用法

 1Usage: pwgen [ OPTIONS ] [ pw_length ] [ num_pw ]
 2Options supported by pwgen:
 3  -c or --capitalize
 4        Include at least one capital letter in the password
 5  -A or --no-capitalize
 6        Don't include capital letters in the password
 7  -n or --numerals
 8        Include at least one number in the password
 9  -0 or --no-numerals
10        Don't include numbers in the password
11  -y or --symbols
12        Include at least one special symbol in the password
13  -s or --secure
14        Generate completely random passwords
15  -B or --ambiguous
16        Don't include ambiguous characters in the password
17  -h or --help
18        Print a help message
19  -H or --sha1=path/to/file[#seed]
20        Use sha1 hash of given file as a (not so) random generator
21  -C
22        Print the generated passwords in columns
23  -1
24        Don't print the generated passwords in columns
25  -v or --no-vowels
26        Do not use any vowels so as to avoid accidental nasty words

2、mkpasswd的用法

mkpasswd的用法可以使用man mkpasswd查看,这里就不列了,用法大致如下:

1#长度为20的密码 mkpasswd -l 20
2#长度为15的密码,并且含有5个数字
3mkpasswd -l 15 -d 5
4#长度为15的密码,并且含有5个数字,并指定更改的用户为test
5mkpasswd -l 15 -d 5 test
6#最后搞个暴力的,定义长度10,含有5个数字和5个特殊字符。
7mkpasswd -l 10 -d 5 -s 5

1、利用pwgen自动更改密码,并发送到相关邮件中。

 1#!/bin/bash
 2cd /root/test
 3if [ -f "passfile" ];then
 4mv passfile passfile.$(date +%Y%m%d)
 5fi
 6passfile=/root/test/passfile
 7>$passfile                        #如果不存在新建该文件
 8list="abc test vie"
 9for user in $list
10 do
11   if  ! grep -w ^$user /etc/passwd > /dev/null
12   then
13    echo "user NOT present: $user"
14  else
15   echo "user present: $user"
16  pass=$(/usr/local/bin/pwgen -1 -sy 16)    #随机生成一个密码文件,且至少包含一个特别字符
17  echo "$user:$pass">>$passfile
18 fi
19done
20cat $passfile | /usr/sbin/chpasswd
21echo "jiqiming   or  IP address " >> $passfile
22mail -s mima [email protected] < /root/test/passwd

若使用mkpasswd,则将上面的脚本中的pwgen换成mkpasswd,后面的参数也相应的改下。脚本很简单,不多介绍。一般mkpasswd是系统默认安装的,pwgen需要另外安装,地址如下:

http://ncu.dl.sourceforge.net/project/pwgen/pwgen/2.06/pwgen-2.06.tar.gz

2、脚本实现

另外不利用上面两个工具,我们也可以直接通过脚本实现,如下:

定期自动更改密码并发送邮件的小脚本

 1#!/bin/bash
 2tr -dc _A-Z-a-z#$%^*-0-9 </dev/urandom |head -c20 >/home/1.txt
 3cat /home/1.txt |passwd root --stdin
 4SendStatus=`mail -v -s "test mail" [email protected] < /home/1.txt  | grep -c "Sender ok" `
 5rm -rf /home/1.txt
 6if [ "$SendStatus" == "1" ] ; then
 7echo "Sender mail ok"
 8else
 9echo "Sender mail fail!"
10sleep 50
11sh /home/ceshi.sh
12fi

上面无非是提供了三种工具实现密码文件的生成,并利用其来更改密码。具体修改的思路是大同小异的——都是利用shell脚本来批量完成。