The AddigySSH user account is used internally by Addigy on managed devices. Its password is dynamically generated for security purposes and is not known by anyone, including Addigy itself. If the password has expired, it is most likely the result of a password policy being enforced on the device via a Device Setting.
Immediate Fix: Reset the AddigySSH Password
To reset the AddigySSH password on an affected device, navigate to the Devices page (or GoLive > Scripts tab), select the device, and run the following command in the Run Command box:
randomPassword=$(openssl rand -base64 32) /usr/bin/dscl . -passwd /Users/AddigySSH "$randomPassword"
Preventing Recurrence: Set Up a Maintenance Item
To prevent the password from expiring again, use the same script in a Maintenance item set to run on a recurring schedule. This will automatically reset the AddigySSH password before your password policy can expire it.
For instructions on creating a Maintenance item, see: Creating a Maintenance Item.
Troubleshooting: Password Quality Check Failed
If you see the following error when running the script, your device's password policy is rejecting the randomly generated password because it doesn't meet the complexity requirements:
<dscl_cmd> DS Error: -14165 (eDSAuthPasswordQualityCheckFailed) passwd: DS error: eDSAuthPasswordQualityCheckFailed
Use the modified script below instead, which generates a 15-character password and appends two special characters to satisfy most common password policies:
randomPassword=$(openssl rand -base64 32 | head -c15); randomPassword+="+#"; /usr/bin/dscl . -passwd /Users/AddigySSH "$randomPassword"
Note:
head -c15sets the password length to 15 characters, andrandomPassword+="+#"appends the special characters+#at the end. If the password still doesn't meet your policy requirements, try running the script a few times or adjust the length and special characters to match your specific policy.