Re: How do I send a password to a command I start with Perl's Expect.pm

It would be far better to take a different approach to handling your passwords!

First of all, you never want a script to be able to log-on to anything as root.

while (1) { print "never! "; }

Secondly, if you need to maintain consistent passwords across a large number of systems, “the right way to do it” (IMHO...) is to use LDAP authentication. Instead of consulting a local password-file, your system issues a secure LDAP query to a central server. (Yes, I am drawing a simplified picture.) Now you can manage all of your authentication and authorization tasks, across systems of all types, from one central location. Most major subsystems are already aware of it. Apache, for example, provides mod_ldap. I really don’t think that I am wrong to say, “this is how it’s done in the real world; go thou and do likewise.”

(Incidentally, Microsoft calls the same technology Active Directory.™)

Linux systems have a very nice facility known as PAM (Pluggable Authentication Modules) which provides a very flexible interface foundation. There are drop-in authentication modules which consult LDAP.

(Please note also that there are competing technologies, such as Kerberos, which perform a comparable function. The essential idea for our purposes is the same.)

Replies are listed 'Best First'.
Re^2: How do I send a password to a command I start with Perl's Expect.pm by Anonymous Monk on Oct 23, 2010 at 02:08 UTC
Thanks for reminder, my script login as root using ssh keys so I don't think is an issue. My problem here is very simple actually if only the affected system(HP-UX) will support it. I just simple need to change/update the password of the user, so I did is login the system as root via Net::SSH::Perl, and execute 'passwd username' after that the system will prompt for new password for that user thus my problem arise, how to supply/key-in the password on the prompt, the same reason I try to use Expect.pm but as I don't how to use it then came this seek for help.	[reply]
Re^2: How do I send a password to a command I start with Perl's Expect.pm by Anonymous Monk on Oct 23, 2010 at 02:12 UTC
False. You don't want your root authentication to be dependent on some sort of remote authentication, nor do want it to be based on trust. The first you loose access to the system should your LDAP/Kerberos/Active Directory be down. The second because getting root on a trusted machine gives you root on all machines. Since your root is not LDAP/etc. you will want a script to automate the root password change eventually.	[reply]