Date: Thu, 7 Jun 2001 14:41:57 -0400 (EDT) From: David Miner <david@slis-two.lis.fsu.edu> To: "Karsten W. Rohrbach" <karsten@rohrbach.de> Cc: edwin chan <huacheng@public.guangzhou.gd.cn>, Olivier Nicole <Olivier.Nicole@ait.ac.th>, <freebsd-security@FreeBSD.ORG> Subject: Re: Encrypted passwords Message-ID: <Pine.BSF.4.30_heb2.09.0106071439270.64212-100000@slis-two.lis.fsu.edu> In-Reply-To: <20010607202014.S59617@mail.webmonster.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 7 Jun 2001, Karsten W. Rohrbach wrote: > a simple script using pwgen(1) from the ports collection to generate the > cleartext password, using pw(8)'s instrumentation for passing a password > to it via filehandle would simplify things a bit, i think. > /k > It's not the generation of the passwords that is the problem. It's the encryption. I put print statements into the program, created two users, and check vipw. These are the outputs: entries in pwd.db: try-1:wUe7aHIXK/8O.:1260:1337::0:0:LIStry-1:/usr/try-1:/bin/csh try-2:tgx8fwK0d6cQM:1261:1338::0:0:LIStry-2:/usr/try-2:/bin/csh Program output: Enter password file name: pw7 Password file read Enter path to home directories: /usr Enter class name: try Enter first number wanted: 1 Enter number of users wanted: 2 try-1 chock1 wUlVdJxRtry-1 /usr/try-1 wUe7aHIXK/8O. chpass: updating the database... chpass: done try-2 chock1 tgtM0gIZtry-2 /usr/try-2 tgx8fwK0d6cQM chpass: updating the database... chpass: done Notice that the encrypted password from the program appears to be the same as reported in vipw. But the user cannot login with the password. David --------------------------------------------------------------------- David R. Miner miner@lis.fsu.edu Systems Integrator voice: 850-644-8107 School of Information Studies fax: 850-644-6253 Florida State University Tallahassee, FL 32306-2100 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.30_heb2.09.0106071439270.64212-100000>