chpasswd - update passwords in batch mode
The chpasswd command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users. Each line is of the format:
By default the supplied password must be in clear-text, and is encrypted by chpasswd. Also the password age will be updated, if present.
The default encryption algorithm can be defined for the system with the ENCRYPT_METHOD variable of /etc/login.defs, and can be overwiten with the -e, -m, or –c options.
chpasswd first update the password in memory, and then commit all the changes to disk if no errors occured for any users.
This command is intended to be used in a large system environment where many accounts are created at a single time.
|-c, --crypt-method||Use the specified method to encrypt the passwords. The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods.|
|-e, --encrypted||Supplied passwords are in encrypted form.|
|-h, --help||Display help message and exit.
|-m, --md5||Use MD5 encryption instead of DES when the supplied passwords are not encrypted.|
|-s, --sha-rounds||Use the specified number of rounds to encrypt the passwords.
The value 0 means that the system will choose the default number of rounds for the crypt method (5000).A minimal value of 1000 and a maximal value of 999,999,999 will be enforced.
You can only use this option with the SHA256 or SHA512 crypt method.By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in /etc/login.defs.
To set passwords for users from the command line, type:
Followed by entering username:password pairs, one pair per line. Enter CTRL+D when finished.
user1:passwd1 user2:passwd2 CTRL+D
To set passwords for users contained in a file named mypwdfile, type the following:
# cat mypwdfile | chpasswd
Note that mypwdfile must contain username:password pairs; one pair per line. For example:
To change password using another encryption method:
# chpasswd -ec MD5
Now MD5 encrypted passwords must be given.
You can use SHA512 as your encryption algorithm as well.