Are you wondering how to add a user with a password using a shell script under Linux? Let us see how to add a new user and set or change a password, including changing an existing Linux user’s password, in a Linux shell script.
You can quickly write a shell script that reads a username and password from the keyboard, adds the username to /etc/passwd, and stores the encrypted password in the /etc/shadow file using the useradd command. The useradd command/adduser command is used to create a new user on Linux, and the passwd command is used to set or change passwords for users. This page shows how to add a user account AND password with a bash shell script running on Linux operating systems.
Linux shell script to add a user with a password
The syntax is as follows:
useradd -m -p EncryptedPasswordHere username
- -m : The user’s home directory will be created if it does not exist.
- -p EncryptedPasswordHere : The encrypted password, as returned by crypt().
- username : Add this user to the Linux system.
Step 1 – Create an encrypted password
You need to create an encrypted password using Perl crypt() as follows:
crypt($plain, $salt)
## perl one liner ##
perl -e 'print crypt("Your-Clear-Text-Password-Here", "salt"),"\n"'
Please note that crypt() is a one-way hash function. The PLAINTEXT ($plain) and SALT are turned into a short string, called a digest, which is returned. The same PLAINTEXT and SALT will always return the same string, but there is no (known) way to get the original PLAINTEXT from the hash. Small changes in the PLAINTEXT or SALT will result in large changes in the digest. Let us try out a Perl example:
perl -e 'print crypt("2IL@ove19Pizza4_", "salt"),"\n"'
The Perl command will display the encrypted password (sa.KT9zrGYeg2) on screen. The Perl crypt() function is a one-way encryption method, meaning that once a password has been encrypted, it cannot be decrypted. The password string is taken from the user, encrypted with the salt, and displayed back on the computer screen. We can store an encrypted password using the following syntax:
password="1YelloDog@"
pass=$(perl -e 'print crypt($ARGV[0], "password")' "$password")
echo "$pass"
Warning: You must understand that other users and system processes can view passwords processed using the CLI tools, and it is a security risk when you store passwords in a plain text format. Linux can hide processes from other users and the ps command, which limits some of the damage. I would recommend using Ansible Vault to store passwords as well as to change them in bulk.
Step 2 – Shell script to add a user and password on Linux
Based upon the above discussion, here is a sample shell script:
#!/bin/bash
# Purpose - Script to add a user to Linux system including password
# Author - Vivek Gite <www.cyberciti.biz> under GPL v2.0+
# ------------------------------------------------------------------
# Am i Root user?
if [ "$(id -u)" -eq 0 ]; then
    read -r -p "Enter username : " username
    read -r -s -p "Enter password : " password
    echo
    # Match the whole login name field, not just a prefix of it
    if grep -q "^${username}:" /etc/passwd; then
        echo "$username exists!"
        exit 1
    else
        # Hash the password with Perl crypt(); $ARGV[0] is the first argument
        pass=$(perl -e 'print crypt($ARGV[0], "password")' "$password")
        useradd -m -p "$pass" "$username"
        [ $? -eq 0 ] && echo "User has been added to system!" || echo "Failed to add a user!"
    fi
else
    echo "Only root may add a user to the system."
    exit 2
fi
Close and save the script file. Next set permissions using the chmod command:
chmod +x add-user-script.sh
Run it as follows. If you are not root, the script prints:
Only root may add a user to the system.
Run it with sudo or as the root user:
$ sudo ./add-user-script.sh
Enter username : roja
Enter password : HIDDEN
User has been added to system!
Now user roja can log in with a password called HIDDEN.
Step 3 – Change existing Linux user’s password in one CLI
We are going to use the chpasswd command, which reads a list of user name and password pairs from standard input (the keyboard or a pipe) and uses this information to update a group of existing users. The syntax is as follows:
echo "user_name:password" | chpasswd
However, the passwords must be provided in clear-text format, and are encrypted by the chpasswd command. For example, to set or change a user password, run:
# echo 'vivek:@iLovePizzaEvery1day' | chpasswd
Verify that password has been changed using the chage command:
# chage -l vivek
We can use the grep command/egrep command to search for usernames:
grep "^username" /etc/passwd
grep "^tom" /etc/passwd
If the chpasswd command is not installed, use your system’s package manager tool such as apt command/apt-get command/dnf command/yum command to install it.
Step 4 – Create Users and change passwords with passwd on a CentOS/RHEL
The passwd command on CentOS/RHEL/Fedora and co comes with a special command-line option to change the password using a shell pipe as follows:
# echo "YourPassword" | passwd --stdin UserName
# echo "I4Love2Ubu@ntuLinux_" | passwd --stdin vivek
Outputs from sample session:
Changing password for user vivek.
passwd: all authentication tokens updated successfully.
So the --stdin option tells the passwd command to read the new password from standard input, which can be the keyboard or a pipe. The command must be run by the root user.
You learned various methods to add a new user and set a password using a shell script.