Change password
<%= open("/etc/ssh/ssh_motd").read() %> <% from subprocess import Popen, PIPE, STDOUT import re # TODO: FIXME!: input validation, more security etc. if 'user' in form: if not re.match('^[-A-Za-z0-9]+$', form['user']): req.write('illegal username') elif form['npass'] == form['npass1']: cmd = 'sudo -u %s -S passwd' % form['user'] p = Popen(cmd.split(), stdin=PIPE, stdout=PIPE, stderr=STDOUT, shell=False) p.stdin.write('%s\n' % form['pass']) p.stdin.write('%s\n' % form['npass']) p.stdin.write('%s\n' % form['npass1']) req.write(p.stdout.read()) req.write('') else: req.write("Passwords do not match") else: %>
Password suggestions (auto-generated):
<% p = Popen('pwgen -c 8 8'.split(), stdout=PIPE, stderr=PIPE, shell=False) req.write(p.stdout.read()) %>
Examples of bad passwords include:
mydog2 bi11smith yromem (memory backwards) win4me
The safest solution for choosing good passwords is to use a randomly generated or seemingly random password that:
- Is at least 6 characters long, and longer if possible.
- Contains a mix of upper and lower case letters.
- Includes numerals, special characters, and punctuation.
- Is not based on any personal information.
- Is not based on any dictionary word.
More information: Password strength (wikipedia)