Reputation: 442
I got a request to change the root password every 10 days on all Linux-based machines. These are production machines with a GRUB password enabled, so if we forget or lose both the root and GRUB passwords, we cannot recover.
I have written a simple script which redirects the password to a file on an NFS share. So it writes the password to the NFS shared file every week.
Below is the file format:
Machine1:
Machine2:
Machine3:
We will execute the script like this:
sh autopass.sh Machine1
so it changes the root password for Machine1 and replaces Machine1's old password with the new password in the NFS shared file. We will then send the password to authorized users every week.
Below is the script:
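#!/bin/sh
# Function to create a random password
randpass() {
    # Alphanumeric only when the function's second argument is 13,
    # otherwise any printable non-space character
    [ "$2" = "13" ] && CHAR="[:alnum:]" || CHAR="[:graph:]"
    LC_ALL=C tr -cd "$CHAR" < /dev/urandom | head -c 8
    echo
}
# Store a random password in the rootnewpass variable
rootnewpass=$(randpass)
# Escape the characters that are special in a sed replacement (/, & and \)
escaped=$(printf '%s\n' "$rootnewpass" | sed 's|[/&\\]|\\&|g')
# Replace the password for the machine named in $1 in the rootpass file
sed -i "s/^\(${1}:\).*/\1${escaped}/" /nfs/rootpass
# Set the new root password (printf leaves backslashes in the password untouched)
printf 'root:%s\n' "$rootnewpass" | chpasswd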
So what I want to know is whether my approach is good or whether there is a better way to implement this. My concern is that I must never misplace the password, meaning the wrong password must never be written to the file.
I am using the same concept for the GRUB password as well.
Note: The machines must not all have the same root password, which is why I chose this approach.
Please advise.
Upvotes: 0
Views: 1591
Reputation: 21
You can change the password of the root user on a batch of servers (100 servers: 10.1.0.1 to 10.1.0.100) by:
# Run from a root shell; sets the root password on each host in turn
for ((i=1;i<=100;i++)); do \
    ssh 10.1.0.$i 'echo -e "newpassword\nnewpassword" | passwd --stdin root'; \
done;
Make it a cron job and this should work.
Upvotes: 2
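A variant of the rotation script from the question, added here as an example (it is not the original poster's code): it stages the new entry in a copy of the shared file and verifies it before calling chpasswd, so the file only ever records a password that was actually set. The function names and the 16-character alphanumeric password are assumptions; /nfs/rootpass is the path from the question.

```shell
#!/bin/sh
# Added example, not the original poster's script. Function names are
# illustrative; /nfs/rootpass is the path used in the question.
PASSFILE="${PASSFILE:-/nfs/rootpass}"
umask 077   # the staged copy replaces PASSFILE, so keep it owner-only

# 16 alphanumeric characters: nothing that could break the "host:password"
# line format or be altered by the shell on the way to chpasswd.
gen_password() {
    LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 16
}

# Write a copy of PASSFILE with the entry for host replaced to PASSFILE.new.
# Fails unless host has exactly one line, so a mistyped name changes nothing.
stage_entry() {
    host=$1 pass=$2
    awk -v h="$host" 'index($0, h ":") == 1 { n++ } END { exit (n != 1) }' \
        "$PASSFILE" || return 1
    awk -v h="$host" -v p="$pass" \
        'index($0, h ":") == 1 { print h ":" p; next } { print }' \
        "$PASSFILE" > "$PASSFILE.new" || return 1
    # Read the staged file back and confirm it holds exactly the new entry.
    [ "$(grep -Fxc -- "${host}:${pass}" "$PASSFILE.new")" -eq 1 ]
}

rotate() {
    host=$1
    new=$(gen_password)
    [ "${#new}" -eq 16 ] || { echo "password generation failed" >&2; return 1; }
    if ! stage_entry "$host" "$new"; then
        echo "cannot stage entry for $host in $PASSFILE" >&2
        rm -f "$PASSFILE.new"
        return 1
    fi
    # The new password is on the share before root's password changes.
    if printf 'root:%s\n' "$new" | chpasswd; then
        # Rename is atomic; if it fails, PASSFILE.new still holds the password.
        mv "$PASSFILE.new" "$PASSFILE"
    else
        rm -f "$PASSFILE.new"   # old password still valid, PASSFILE untouched
        return 1
    fi
}

# Usage: sh autopass.sh Machine1
if [ -n "${1:-}" ]; then rotate "$1"; fi
```

Each run rewrites the whole shared file, so runs on different machines should not overlap.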