From owner-freebsd-stable Tue Jul 10 0:45:52 2001 Delivered-To: freebsd-stable@freebsd.org Received: from femail4.sdc1.sfba.home.com (femail4.sdc1.sfba.home.com [24.0.95.84]) by hub.freebsd.org (Postfix) with ESMTP id 0472C37B409 for ; Tue, 10 Jul 2001 00:45:44 -0700 (PDT) (envelope-from jim@siteplus.net) Received: from veager.siteplus.net ([65.14.122.116]) by femail4.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20010710074539.GBCO9548.femail4.sdc1.sfba.home.com@veager.siteplus.net>; Tue, 10 Jul 2001 00:45:39 -0700 Date: Tue, 10 Jul 2001 03:45:34 -0400 (EDT) From: Jim Weeks To: Gregory Bond Cc: stable@FreeBSD.ORG Subject: Re: Generating encrypted passwords In-Reply-To: <200107100306.NAA21657@lightning.itga.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Here is one I wrote some time ago to allow clients to create a simple .htpasswd file. I feed it Username: $Form{'login'}, NewPass: $Form{'np'}, and VerifyPass: $Form{'vp'} from a web form. Maybe it will give you some ideas ;-) -- Jim Weeks #!/usr/bin/perl if ($ENV{'REQUEST_METHOD'} eq "GET") { $buffer = $ENV{'QUERY_STRING'}; } elsif ($ENV{'REQUEST_METHOD'} eq "POST") { read(STDIN,$buffer,$ENV{'CONTENT_LENGTH'}); } @cgiPairs = split(/&/,$buffer); foreach $cgiPair (@cgiPairs){ ($name,$value) = split(/=/,$cgiPair); $value =~ s/\+/ /g; $value =~ s/%(..)/pack("c",hex($1))/ge; $Form{$name} .= "\0" if (defined($Form{$name})); $Form{$name} .= "$value"; } undef $name; undef $value; print "Content-Type: text/html\n\n"; # Start HTML output. unless ($Form{'login'}) { print "No user name was entered"; exit; } unless ($Form{'np'} && $Form{'vp'}) { print "Please enter your password in both boxes"; exit; } if ($Form{'np'} ne $Form{'vp'}) { print "Passwords do not match"; exit; } else { @passset = ('a'..'z'); for ($i = 0; $i < 2; $i++) { $randum_num = int(rand($#passset + 1)); $salt .= @passset[$randum_num]; } $htpass = crypt($Form{'np'}, "$salt"); print "$Form{'login'}:"; print "$htpass\n"; } On Tue, 10 Jul 2001, Gregory Bond wrote: > I need to generate some encrypted passwords in a config file for an > application (i.e. not in /etc/master.passwd). > > AFAICT there are no utilities in FreeBSD 4 that will do this. So I whipped up a > 10-line perl script to build a random salt, get the password and call crypt(). > This is OK, but uglier and harder than it needs to be (as I had to fossick > around a bit to find the right way to generate a salt.) > > Is this something worth adding to (e.g.) pw(8)? If so, I can whip up some > patches..... > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message