Used PowerShell to change my RHEL root passwords via PuTTY, but I don't know what I changed my password to

root linux powershell putty redhat

Basically the title. My friend provided me a script to batch change RHEL passwords via Powershell and PuTTY, but the new password I entered doesn't work when I try to log in. I think the issue is that it doesn't escape one of the special characters that's in the new password, but I can't figure out what the new password would have been.

The "new password" I used was similar to this: a1b2c3d"4e5f6g7

I attempted to replace the secure strings for regular strings, or use telnet instead of SSH with a packet capture to determine what exactly is being sent, but none of that has worked thus far.

System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword
     $newrootPassword2 = Read-Host "Retype new root password" -AsSecureString
     $newrootCredential2 = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$newrootPassword2


    putty.exe -ssh -pw $oldrootCredential.GetNetworkCredential().Password root@$_

    echo y | plink.exe -ssh -v -pw $oldrootCredential.GetNetworkCredential().Password root@$_ "echo root:'$newrootPassword' | chpasswd" 2>&1

I expected the new password to be a1b2c3d"4e5f6g7; however, this does not work upon login.


Solution 1:

The problem is you are trying to pass SecureString into something that expects a standard string. The Password property is in SecureString format, you won't be able to pass this to plink, it will just get translated as System.Security.SecureString If the password change actually worked this is what password would have been set.

To translate a SecureString to text format suitable for plink command you need to use function like this example from here

function Get-PlainText()
{
    [CmdletBinding()]
    param
    (
        [parameter(Mandatory = $true)]
        [System.Security.SecureString]$SecureString
    )
    BEGIN { }
    PROCESS
    {
        $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecureString);

        try
        {
            return [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr);
        }
        finally
        {
            [Runtime.InteropServices.Marshal]::FreeBSTR($bstr);
        }
    }
    END { }
}

You can test your commands by using Write-Host to output command line value before testing with actual plink.exe. Or you can run ProcMon and filter on Operation is Process Create, then when you see plink.exe launched you can use properties to see the full actual command line that is getting passed.

Related

kube-proxy won't start in Minikube because of permission denied issue with /proc/sys/net/netfilter/nf_conntrack_max
Which file system to use for portable hard drive shared among different operating systems?
What is the maximum memory that an IIS6 web site/app pool can use?
How to save settings when reinstalling Ubuntu 9.04?
Different ways of displaying documents between Adobe Reader and Preview
Force DNS server ip while connected to VPN
Dynamically change opening app according to file folder
Exchanged HDD in MacBook Pro - OS X installation disk shows prohibitory sign
How to troubleshoot apps of which multiple instances can be launched
MacBook Pro Late-2013 SD card reader not loading cards after 10.10.2 update
How do I notify a blocked caller that he has been blocked on my iPhone 5?
Do I have to replace the LCD if the iPad screen is cracked?