BLOG POSTS
    MangoHost Blog / How to Change and Reset User Passwords with passwd and chpasswd
How to Change and Reset User Passwords with passwd and chpasswd

How to Change and Reset User Passwords with passwd and chpasswd

Why Password Management Matters for Server Owners

Alright, let’s get real for a second. If you’re running anything from a tiny Docker container to a beefy dedicated server, user passwords are your first line of defense. Whether you’re spinning up a VPS for your next side project or managing a fleet of cloud instances, knowing how to change and reset user passwords is absolutely essential. Mess this up, and you could be handing the keys to your digital kingdom to anyone who asks nicely (or not so nicely).

But let’s be honest: password management isn’t the sexiest topic. It’s one of those “I’ll deal with it later” things—until you’re locked out, or worse, someone else gets in. So, let’s break down the nitty-gritty of using passwd and chpasswd—two classic Linux tools that make password changes a breeze, whether you’re a solo developer or wrangling users on a big team.

Three Big Questions Every Server Owner Asks

  • How do I quickly change or reset a user’s password?
  • What’s the difference between passwd and chpasswd, and when should I use each?
  • How can I automate password management for multiple users?

How Does It Work? The Algorithms and Structure Under the Hood

Let’s geek out for a second. Both passwd and chpasswd interact with the /etc/shadow file, where Linux stores hashed user passwords. When you set or reset a password, these tools:

  1. Prompt (or accept) a new password.
  2. Hash the password using a secure algorithm (these days, usually SHA-512).
  3. Update the /etc/shadow file with the new hash.

But the way you interact with these tools is a little different. passwd is interactive—great for one-offs. chpasswd is batch-friendly—perfect for automation and scripting.

Setting Up Password Changes: Quick and Dirty Guide

1. Using passwd: The Classic Way

Let’s say you want to change your own password (or another user’s, if you’re root):

passwd
# or, as root:
passwd username

It’ll prompt you for the new password (and, if you’re changing your own, your current password too). That’s it. Simple, but not great if you have 20 users to reset.

2. Using chpasswd: The Automation Hero

Now, let’s say you’re onboarding a team, or you want to reset passwords for a bunch of users at once. chpasswd is your friend. It reads username:password pairs from standard input:

echo "alice:SuperSecret123" | chpasswd

Or, for multiple users:

cat <<EOF | chpasswd
alice:SuperSecret123
bob:AnotherPass456
charlie:YetAnother789
EOF

That’s it—no prompts, no fuss. Perfect for scripts, Dockerfiles, or cloud-init setups.

3. Resetting Passwords Non-Interactively (Great for Docker and Cloud)

When building Docker images or automating server provisioning, you don’t want interactive prompts. Here’s how you can set a password non-interactively:

echo "root:MyNewRootPass" | chpasswd

Or, using passwd with --stdin (on some distros, like CentOS):

echo "MyNewRootPass" | passwd --stdin root

Note: --stdin isn’t available everywhere. chpasswd is more universal.

Comparison Table: passwd vs chpasswd

Feature passwd chpasswd
Interactive Yes No
Batch/Script Friendly No Yes
Change Multiple Users No Yes
Available on Most Linux Distros Yes Yes
Prompts for Old Password Yes (for own user) No
Great for Automation No Yes

Examples and Real-World Cases

Case 1: The “Oops, I Forgot My Password” Scenario

Positive: You’re the admin. User Bob can’t log in. You run:

passwd bob

Bob’s back in business. No downtime, no drama.

Negative: You try to script this for 50 users. Each one prompts for input. Your script fails. You waste an hour. Solution: Use chpasswd instead.

Case 2: Dockerfile Password Setup

Positive: You want a default password for a user in your Docker image (not recommended for production, but hey, sometimes you need it):

RUN echo "user:password" | chpasswd

Works every time, no prompts, builds cleanly.

Negative: You try to use passwd in a Dockerfile. The build hangs, waiting for input. Lesson: Use chpasswd for automation.

Case 3: Cloud-init User Onboarding

Cloud-init scripts often use chpasswd to set initial passwords for new VMs. It’s fast, reliable, and works with automation tools like Ansible, Terraform, and more.

Beginner Mistakes and Common Myths

  • Myth: “I can just echo a password into passwd.”
    Reality: Doesn’t work on most distros. Use chpasswd instead.
  • Mistake: Leaving default passwords in Docker images or cloud VMs.
    Advice: Always change or randomize passwords before going live.
  • Myth: “Changing the password in /etc/passwd is enough.”
    Reality: Password hashes are stored in /etc/shadow, not /etc/passwd.
  • Mistake: Not using strong passwords.
    Advice: Use password managers or openssl rand to generate strong passwords.

Other Solutions and Utilities

  • passwd – The classic, interactive tool.
  • chpasswd – Batch and script-friendly.
  • usermod – For changing usernames and other user properties, but not passwords.
  • newusers – Create or update multiple users at once, including passwords.
  • pwgen – Generate random passwords for your users.
  • passwdqc – Enforce password quality rules.

For more info, check the official man pages: passwd and chpasswd.

Statistics and Comparison with Other Approaches

  • Most Linux distros (Debian, Ubuntu, CentOS, Fedora) ship with both passwd and chpasswd by default.
  • Cloud providers (AWS, DigitalOcean, etc.) use chpasswd in their provisioning scripts for speed and reliability.
  • Automation tools (Ansible, Chef, Puppet) prefer chpasswd or direct /etc/shadow manipulation for batch operations.

Compared to GUI-based tools (like Webmin), CLI tools are faster, scriptable, and don’t require a browser or extra software.

Interesting Facts and Non-Standard Usage

  • Fun fact: You can use chpasswd to set passwords with different hashing algorithms. For example:
    echo "bob:MyPass" | chpasswd -c SHA512
  • Automation: Combine pwgen and chpasswd to generate and set random passwords for a whole team:
    for user in alice bob charlie; do
      pass=$(pwgen 16 1)
      echo "$user:$pass" | chpasswd
      echo "$user: $pass" >> /root/passwords.txt
    done
    
  • Bulk onboarding: Use chpasswd with a CSV export from your HR system to onboard new hires in seconds.

New Opportunities: Automation and Scripting

Once you master chpasswd, you unlock a world of automation:

  • Onboard or offboard users in bulk with a single script.
  • Rotate passwords regularly for compliance (just schedule a cron job).
  • Integrate with CI/CD pipelines to set up test users on ephemeral servers.
  • Automate password resets for customer support or dev teams.

Seriously, if you’re running any kind of hosting—cloud, VPS, dedicated server, or Docker—this is a must-have skill.

Conclusion: Why, How, and Where to Use passwd and chpasswd

Managing user passwords is one of those “boring but critical” admin tasks. Get it right, and your servers hum along smoothly. Get it wrong, and you’re in for a world of pain (or a security breach). Here’s the TL;DR:

  • Use passwd for quick, interactive password changes—great for one-offs.
  • Use chpasswd for automation, scripting, and bulk operations—essential for anyone managing more than a handful of users.
  • Don’t forget to use strong passwords, and never leave defaults in production.
  • Combine these tools with automation to save time, reduce errors, and keep your hosting environment secure.

Whether you’re running a cloud VM, a Docker container, a VPS, or a dedicated server, mastering passwd and chpasswd will make your life easier—and your servers safer.

Happy hosting, and may your passwords always be strong!



This article incorporates information and material from various online sources. We acknowledge and appreciate the work of all original authors, publishers, and websites. While every effort has been made to appropriately credit the source material, any unintentional oversight or omission does not constitute a copyright infringement. All trademarks, logos, and images mentioned are the property of their respective owners. If you believe that any content used in this article infringes upon your copyright, please contact us immediately for review and prompt action.

This article is intended for informational and educational purposes only and does not infringe on the rights of the copyright owners. If any copyrighted material has been used without proper credit or in violation of copyright laws, it is unintentional and we will rectify it promptly upon notification. Please note that the republishing, redistribution, or reproduction of part or all of the contents in any form is prohibited without express written permission from the author and website owner. For permissions or further inquiries, please contact us.

Leave a reply

Your email address will not be published. Required fields are marked