仅限学术目的我正在研究与或选项usermod一起使用的命令:-p--password
通过man usermod存在:
-p, --password PASSWORD
The encrypted password, as returned by crypt(3).
Note: This option is not recommended because the password
(or encrypted password) will be visible by users listing the
processes.
The password will be written in the local /etc/passwd or /etc/shadow file.
This might differ from the password database configured in your PAM configuration.
You should make sure the password respects the system's password policy.
我知道以下两个命令是相同的
sudo usermod -p rodimus_prime rodimusprime-disabledlogin
sudo usermod -p 'rodimus_prime' rodimusprime-disabledlogin
反映为:
sudo cat /etc/shadow | grep prime
rodimusprime-disabledlogin:rodimus_prime:19838:0:99999:7:::
理论上这是一个简单的密码,但它不是正确,从一开始就需要加密密码。因此正确的方法是:
sudo usermod --password $(openssl passwd <plainpasswordtext>) rodimusprime-disabledlogin
sudo usermod --password $(openssl passwd -1 <plainpasswordtext>) rodimusprime-disabledlogin
现在,这个问题的原因,以下说明
Note: This option is not recommended because the password
(or encrypted password) will be visible by users listing the
processes.
如果执行该sudo cat /etc/shadow | grep usernamepattern命令,则根据匹配的模式列出每个用户及其各自的加密密码。正如预期的那样。因此根据提到的特别说明:即使密码是可见的:它是加密的,对吗?所以:
问题
- 为什么
usermod -p不推荐这个命令?