A common task of the IT administrator is to force user password changes. Interesting way how to ensure this task is to get their password encrypted hash and implement it directly in the appropriate /etc/shadow, or .htpasswd file. Here is how:

1. Creating a hash - user part

User will create hash personaly through simple web form. The form is a mix of technologies jquery, php and system command htpasswd. In the attached package you will find the HTML, JS and PHP file. Simply publish it to your https proprietary web server. In the PHP script there is simple logging mechanism - you can check whether the hash is really made by your user and in your own server. For demo purposes (or on your own risk) we provide this service here, but without https security layer and without this log file...

2. Edit file - administrator part

So, the hash we have. Now just replace it in your password file. If you make it often, here is simple script for acceleration:

#!/bin/bash

[ "$3" == "" ] && echo usage: $0 username pwdhash passwordfile && exit


sed   "s/^$1:[^:]*/$1:$2/g"  $3 >/tmp/z && diff $3 /tmp/z 
echo "cat /tmp/z >$3 && rm /tmp/z"

Result of its launch is a copy of the relevant modified file. Last result line of the script is a command for rewriting the original. If ensured, use it...

3. Test

Although the resulting hash is a cross-platform and can be used for various security systems, ask the user to test the implementation.

And here is the promised demo Password hash maker