From owner-freebsd-stable Tue Jul 10 5:24:12 2001 Delivered-To: freebsd-stable@freebsd.org Received: from cage.simianscience.com (cage.simianscience.com [64.7.134.1]) by hub.freebsd.org (Postfix) with ESMTP id A4D0437B401 for ; Tue, 10 Jul 2001 05:23:58 -0700 (PDT) (envelope-from mike@sentex.net) Received: (from root@localhost) by cage.simianscience.com (8.11.4/8.11.2) id f6ACNvO41578; Tue, 10 Jul 2001 08:23:57 -0400 (EDT) (envelope-from mike@sentex.net) Received: from chimp (fcage [192.168.0.2]) by cage.simianscience.com (8.11.4/8.11.2av) with ESMTP id f6ACNmG41555; Tue, 10 Jul 2001 08:23:49 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <4.2.2.20010710081901.05a68008@192.168.0.12> X-Sender: mdtancsa@192.168.0.12 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.2 Date: Tue, 10 Jul 2001 08:23:47 -0400 To: Jim Weeks From: Mike Tancsa Subject: Re: Generating encrypted passwords Cc: stable@freebsd.org In-Reply-To: References: <200107100306.NAA21657@lightning.itga.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG What about a srand (time ^ $$ ^ unpack "%L*", `ps -auxw | gzip`); at the start of your program and for the salt, I use this to generate md5 salts which I think I got from cpan IIRC. sub salt { local($salt); # initialization local($i, $rand); local(@itoa64) = ( '0' .. '9', 'a' .. 'z', 'A' .. 'Z' ); # 0 .. 63 warn "calculate salt\n" if $verbose > 1; # to64 for ($i = 0; $i < 8; $i++) { $rand = rand(25*29*17 + $rand); $salt .= $itoa64[$rand & $#itoa64]; } warn "Salt is: $salt\n"; return $salt; } At 03:45 AM 7/10/2001 -0400, Jim Weeks wrote: >Here is one I wrote some time ago to allow clients to create a simple >.htpasswd file. I feed it Username: $Form{'login'}, >NewPass: $Form{'np'}, and VerifyPass: $Form{'vp'} from a web >form. > >Maybe it will give you some ideas ;-) > >-- >Jim Weeks > >#!/usr/bin/perl > >if ($ENV{'REQUEST_METHOD'} eq "GET") { > $buffer = $ENV{'QUERY_STRING'}; >} >elsif ($ENV{'REQUEST_METHOD'} eq "POST") { > read(STDIN,$buffer,$ENV{'CONTENT_LENGTH'}); >} >@cgiPairs = split(/&/,$buffer); > >foreach $cgiPair (@cgiPairs){ > ($name,$value) = split(/=/,$cgiPair); > $value =~ s/\+/ /g; > $value =~ s/%(..)/pack("c",hex($1))/ge; > $Form{$name} .= "\0" if (defined($Form{$name})); > $Form{$name} .= "$value"; >} >undef $name; undef $value; > >print "Content-Type: text/html\n\n"; # Start HTML output. > >unless ($Form{'login'}) { >print "No user name was entered"; >exit; >} >unless ($Form{'np'} && $Form{'vp'}) { >print "Please enter your password in both boxes"; >exit; >} >if ($Form{'np'} ne $Form{'vp'}) { >print "Passwords do not match"; >exit; > } >else { > >@passset = ('a'..'z'); > for ($i = 0; $i < 2; $i++) { > $randum_num = int(rand($#passset + 1)); > $salt .= @passset[$randum_num]; > } >$htpass = crypt($Form{'np'}, "$salt"); > >print "$Form{'login'}:"; >print "$htpass\n"; >} > > >On Tue, 10 Jul 2001, Gregory Bond wrote: > > > I need to generate some encrypted passwords in a config file for an > > application (i.e. not in /etc/master.passwd). > > > > AFAICT there are no utilities in FreeBSD 4 that will do this. So I > whipped up a > > 10-line perl script to build a random salt, get the password and call > crypt(). > > This is OK, but uglier and harder than it needs to be (as I had to fossick > > around a bit to find the right way to generate a salt.) > > > > Is this something worth adding to (e.g.) pw(8)? If so, I can whip up some > > patches..... > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-stable" in the body of the message > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-stable" in the body of the message -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Network Administration, mike@sentex.net Sentex Communications www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message