Change the password of system users linux

Solution 1:

To answer the question "can changing the password of system users generate any problems for the server?", the answer is yes. Don't do that.

The real answer is in Michael's comment, that instead of setting passwords for all users, you should remove the password so no one, especially root, has a password. Make sure you've got at least one account with sudo privileges and ssh public key access though so you can get in and manage the system. (Unless you build everything with Infrastructure as Code like CloudFormation or Terraform.)

But, you've been hacked, so the real real answer is that you don't know what all has been done on that server, and it should be taken offline and wiped. Reformat all the drives, reload the operating system, and restore the data from a known-good backup, if you know how far back the unauthorized access goes.

Obviously, that's a disruptive process, so it's up to you how much risk you want to accept. For security, I tend to err on the side of caution and assume that everything is compromised.