Date: Tue, 10 Jul 2001 03:45:34 -0400 (EDT) From: Jim Weeks <jim@siteplus.net> To: Gregory Bond <gnb@itga.com.au> Cc: stable@FreeBSD.ORG Subject: Re: Generating encrypted passwords Message-ID: <Pine.BSF.4.21.0107100336560.1040-100000@veager.siteplus.net> In-Reply-To: <200107100306.NAA21657@lightning.itga.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Here is one I wrote some time ago to allow clients to create a simple .htpasswd file. I feed it Username: $Form{'login'}, NewPass: $Form{'np'}, and VerifyPass: $Form{'vp'} from a web form. Maybe it will give you some ideas ;-) -- Jim Weeks #!/usr/bin/perl if ($ENV{'REQUEST_METHOD'} eq "GET") { $buffer = $ENV{'QUERY_STRING'}; } elsif ($ENV{'REQUEST_METHOD'} eq "POST") { read(STDIN,$buffer,$ENV{'CONTENT_LENGTH'}); } @cgiPairs = split(/&/,$buffer); foreach $cgiPair (@cgiPairs){ ($name,$value) = split(/=/,$cgiPair); $value =~ s/\+/ /g; $value =~ s/%(..)/pack("c",hex($1))/ge; $Form{$name} .= "\0" if (defined($Form{$name})); $Form{$name} .= "$value"; } undef $name; undef $value; print "Content-Type: text/html\n\n"; # Start HTML output. unless ($Form{'login'}) { print "No user name was entered"; exit; } unless ($Form{'np'} && $Form{'vp'}) { print "Please enter your password in both boxes"; exit; } if ($Form{'np'} ne $Form{'vp'}) { print "Passwords do not match"; exit; } else { @passset = ('a'..'z'); for ($i = 0; $i < 2; $i++) { $randum_num = int(rand($#passset + 1)); $salt .= @passset[$randum_num]; } $htpass = crypt($Form{'np'}, "$salt"); print "$Form{'login'}:"; print "$htpass\n"; } On Tue, 10 Jul 2001, Gregory Bond wrote: > I need to generate some encrypted passwords in a config file for an > application (i.e. not in /etc/master.passwd). > > AFAICT there are no utilities in FreeBSD 4 that will do this. So I whipped up a > 10-line perl script to build a random salt, get the password and call crypt(). > This is OK, but uglier and harder than it needs to be (as I had to fossick > around a bit to find the right way to generate a salt.) > > Is this something worth adding to (e.g.) pw(8)? If so, I can whip up some > patches..... > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0107100336560.1040-100000>