Date: Mon, 19 Jun 2000 14:23:04 +0200 (CEST) From: root@uni-bielefeld.de To: FreeBSD-gnats-submit@freebsd.org Subject: bin/19375: makekey accepts only 8-byte Passwords (noninteractive password change) Message-ID: <200006191223.OAA02232@odie.hrz.uni-bielefeld.de>
next in thread | raw e-mail | index | archive | help
>Number: 19375 >Category: bin >Synopsis: makekey accepts only 8-byte password >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Jun 19 05:30:01 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Charlie & >Release: FreeBSD 3.4-RELEASE i386 >Organization: Computing Center, University of Bielefeld, Germany >Environment: Freebsd 3.4-RELEASE i386 >Description: There is the need to change user passwords non-interactively over a privisioning system. adduser: does nothing cause the user exists chpass : interactively reads from /dev/tty or you need makekey to encrypt the passwd passwd : only interactive usable So the focus came to makekey, which reads a fixed length of 8 chars for the password and 2 chars for the salt. So one can't set a 7 byte pasword. Also the documentation isn't very usefull. >How-To-Repeat: /usr/libexec/makekey >Fix: A very complicated "hack" is echo -e "secret\0\0Sa" | /usr/libexec/makekey this is equivalent to echo -e "secret\0 Sa" | /usr/libexec/makekey cause the \0 ist the implicit end of string in C. The very best would be an adduser script which allows the change of the password with a flag, like adduser -c -p <clear-text-password> or a chpass with this option. Sure, it's better to transfer the password encrypted, but than we need a better makekey to do the job. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006191223.OAA02232>