Approach 1:
Code: Select all
new_pwd="new_password_here"
echo -e "$new_pwd\n$new_pwd" | passwd
pwd_hash=$(cat /etc/passwd | grep ${USER} | cut -d ":" -f 2)
sed -ir "s!users.1.password=.+!users.1.password=${pwd_hash}!" /var/tmp/system.cfg
save
The advantage of this approach is that each device will have it's own unique password hash, which can be considered more secure than the 2nd alternative. The disadvantage is that you need to keep the password in clear-text inside the Config Push preset, and each run of the Push will change device configuration (generate a new hash and save it).
This option is therefore not very well suited for running periodically / on schedule, as it would generate constant Config Change Notifications from your Unimus instance.
Here is the 2nd option:
Code: Select all
new_pwd_hash="$1$FvmuQvF1$ZynBOWqQ7ftHZpOuVua.W."
current_pwd_hash=$(cat /etc/passwd | grep ${USER} | cut -d ":" -f 2)
if [ "$current_pwd_hash" = "$new_pwd_hash" ]; then
echo "Password already set, no update needed."
else
sed -ir "s!users.1.password=.+!users.1.password=${new_pwd_hash}!" /var/tmp/system.cfg
echo "Password updated!"
save
fi
When running the 2nd option in Unimus, you would get 2 output groups - one with devices which already had correct password, and another with devices on which the password was updated. You could easily then trigger a "reboot" only on devices that need it with a few clicks.
To generate the hash, you can use the "mkpasswd -m md5" command. Please note that airOS does NOT support hashes other than md5, and using a different hash will result in an inaccessible device.