13

I have a script that runs on the host and creates/starts/stops a docker container. I'd like the script to change the password of the root user within the container.

Since the container is an ssh server, I tried: sshpass -p 'OLDPASS' ssh root@<container-IP> 'echo -e "NEWPASS\nNEWPASS" | passwd root'

but it doesn't work. Before going ahead and spending more time debugging it, I'd like to know if there's a smarter way to do it.

I understand that the proper "docker way" is to make a script that is run by the Dockerfile, which pulls the password from a shared volume and sets it as the root password. This sounds complicated, but I know how to do it and works well for another docker image I use. But I don't want to do it for this one.

I just need a command that uses Docker or ssh to change a user's password non-interactively.

Chris
  • 173
  • 1
  • 2
  • 8

3 Answers3

17
PASSWORD=$(zenity --password --title="Docker" 2>/dev/null)

will open a popup, asking for password, and return it. No password stored in the script

If you have a docker container where you need to set a password, without caring to much about security, you could add a statement in the Dockerfile:

RUN echo "root:root" | chpasswd
Ulf Samuelsson
  • 171
  • 1
  • 3
  • I have the same way to set the method like yours in two of my Dockerfile (different project, but same in the essential parts). But one is working (I can ssh to it) the other doesn't allow me. Any idea why? – ismailsunni Feb 06 '19 at 18:50
  • 7
    +1 Answer would be more transparent if it explained stdin for chpasswd: `echo username:newpassword | chpasswd` – Jonathan Komar Jul 26 '19 at 09:54
9

This is not related to Docker. You need to explicitly say passwd that you are going to provide password from stdin.

user='root'
pass='newpassword'
chpasswd <<<"$user:$pass"
Bruno Bronosky
  • 4,429
  • 3
  • 24
  • 32
user1700494
  • 1,642
  • 2
  • 11
  • 20
  • Thanks for the input. --stdin is not supported on ubuntu though. It doesn't work. – Chris Apr 29 '16 at 19:44
  • 17
    `--stdin` has been depreciated on newer Linux systems. Use `chpasswd` instead: `echo username:newpassword | chpasswd` – unblevable Feb 21 '17 at 22:19
1

This works flawlessly on Ubuntu 14.04.4 LTS:

In the script that rebuilds the container (which should be running on the "host"), add these lines:

$PASS='<a-good-password>'
echo -e "$PASS\n$PASS" | sudo docker exec -i <container-id-or-name> passwd
Chris
  • 173
  • 1
  • 2
  • 8
  • 1
    Putting the actual password in a script is a very insecure way to be handling passwords. It would be much more secure to put a properly hashed password in the script and use `usermod` rather than `passwd`. – kasperd Jun 04 '16 at 12:30
  • 1
    Good point, thanks. In this case I'm ok with the risk, as this is just a docker container that does very few things. If someone can read the script they already own the rest of the server. I'll keep it in mind for next time though :). – Chris Jun 04 '16 at 19:38