Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 7 Jun 2001 14:41:57 -0400 (EDT)
From:      David Miner <david@slis-two.lis.fsu.edu>
To:        "Karsten W. Rohrbach" <karsten@rohrbach.de>
Cc:        edwin chan <huacheng@public.guangzhou.gd.cn>, Olivier Nicole <Olivier.Nicole@ait.ac.th>, <freebsd-security@FreeBSD.ORG>
Subject:   Re: Encrypted passwords
Message-ID:  <Pine.BSF.4.30_heb2.09.0106071439270.64212-100000@slis-two.lis.fsu.edu>
In-Reply-To: <20010607202014.S59617@mail.webmonster.de>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 7 Jun 2001, Karsten W. Rohrbach wrote:

> a simple script using pwgen(1) from the ports collection to generate the
> cleartext password, using pw(8)'s instrumentation for passing a password
> to it via filehandle would simplify things a bit, i think.
> /k
>
It's not the generation of the passwords that is the problem.  It's the
encryption.

I put print statements into the program, created two users, and check
vipw.

These are the outputs:

entries in pwd.db:

try-1:wUe7aHIXK/8O.:1260:1337::0:0:LIStry-1:/usr/try-1:/bin/csh
try-2:tgx8fwK0d6cQM:1261:1338::0:0:LIStry-2:/usr/try-2:/bin/csh

Program output:

Enter password file name:  pw7
Password file read
Enter path to home directories: /usr
Enter class name: try
Enter first number wanted: 1
Enter number of users wanted: 2
try-1 chock1

wUlVdJxRtry-1 /usr/try-1 wUe7aHIXK/8O.
chpass: updating the database...
chpass: done
try-2 chock1

tgtM0gIZtry-2 /usr/try-2 tgx8fwK0d6cQM
chpass: updating the database...
chpass: done

Notice that the encrypted password from the program appears to be the same
as reported in vipw.  But the user cannot login with the password.

David
---------------------------------------------------------------------
David R. Miner                                   miner@lis.fsu.edu
Systems Integrator                               voice: 850-644-8107
School of Information Studies                    fax:   850-644-6253
Florida State University
Tallahassee, FL  32306-2100



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.30_heb2.09.0106071439270.64212-100000>