We have 200+ switches, there is any script to change the password?

  • 25 April 2016
  • 8 replies
  • 704 views

We have 200+ switches, there is any script to change the password?

8 replies

Userlevel 6
Hi Dineshkumar,

Do you have NetSight? Or you are looking for some Python script?
Am looking for some script in bash or anything... Thanks in advance.
Userlevel 6
You can use a expect script. Here is a link to a SSH expect script.

http://stackoverflow.com/questions/19101879/bash-expect-script-for-ssh
Userlevel 2
any guide of how to do this with Netsight?
Userlevel 3
You can use the Command Script Execution tool within Netsight Console. Each line you type in will be just like you typed it in with telnet/ssh. So for example in EOS if I wanted to change the admin password to "password" I would type: set password password password exit (the blank space is for the old password)
Userlevel 3
Hello,

I think for users login/password you should configure TACACS+.
Switch login/password should be a last resort login when TACACS server is not available..

For password changing you can use telnet/netcat in bash.
Example:
echo "commands "| netcat -v -i 3 IP_Address 23 -T
(this means telnet to IP and enter each command with 3 sec. delay)

But for 200+ switches you should be careful....don't do this in one script.

--
Jarek
I used the below to create a user on multiple x450 switches with OneView, but you'd have to delete the script after using it as password is stored in clear text. As previously stated expect would be a good option too. #@MetaDataStart ############################################################################################# # Define your user parameters in this section. For reference, see bundled scripts. ############################################################################################# #@MetaDataEnd # Enter all CLI commands from here ####################################################################### # Add System Accounts ####################################################################### ## Admin create account admin <> regexp {.*password:.*} ${CLI.OUT} foundit1 IF ([info exists foundit1]) THEN CLI <> ENDIF regexp {.*Reenter password:.*} ${CLI.OUT} foundit2 IF ([info exists foundit2]) THEN CLI <> ENDIF Ed.
Userlevel 7
Don't discredit TACACS (as Jarek suggested) or RADIUS for future use.
Here's some information on RADIUS configuration if it comes up later.

Reply