From owner-freebsd-stable  Tue Jul 10 15:30:23 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from lorax.ubergeeks.com (lorax.ubergeeks.com [209.145.65.55])
	by hub.freebsd.org (Postfix) with ESMTP id 47CDC37B408
	for <stable@FreeBSD.ORG>; Tue, 10 Jul 2001 15:30:18 -0700 (PDT)
	(envelope-from adrian@ubergeeks.com)
Received: from localhost (adrian@localhost)
	by lorax.ubergeeks.com (8.11.4/8.11.4) with ESMTP id f6AMVbu25726;
	Tue, 10 Jul 2001 18:31:37 -0400 (EDT)
	(envelope-from adrian@ubergeeks.com)
Date: Tue, 10 Jul 2001 18:31:37 -0400 (EDT)
From: Adrian Filipi-Martin <adrian@ubergeeks.com>
Reply-To: Adrian Filipi-Martin <adrian@ubergeeks.com>
To: Gregory Bond <gnb@itga.com.au>
Cc: <stable@FreeBSD.ORG>
Subject: Re: Generating encrypted passwords
In-Reply-To: <200107100306.NAA21657@lightning.itga.com.au>
Message-ID: <20010710182937.X24703-100000@lorax.ubergeeks.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

On Tue, 10 Jul 2001, Gregory Bond wrote:

> I need to generate some encrypted passwords in a config file for an
> application (i.e. not in /etc/master.passwd).
>
> AFAICT there are no utilities in FreeBSD 4 that will do this. So I whipped up a
> 10-line perl script to build a random salt, get the password and call crypt().
> This is OK, but uglier and harder than it needs to be (as I had to fossick
> around a bit to find the right way to generate a salt.)
>
> Is this something worth adding to (e.g.) pw(8)?  If so, I can whip up some
> patches.....

	I thinks this is what you want:

: adrian@lorax; openssl passwd -h
Usage: passwd [options] [passwords]
where options are
-crypt             standard Unix password algorithm (default)
-1                 MD5-based password algorithm
-apr1              MD5-based password algorithm, Apache variant
-salt string       use provided salt
-in file           read passwords from file
-stdin             read passwords from stdin
-quiet             no warnings
-table             format output as table
-reverse           switch table columns


	Unfortunately the md5 formats do not seem to be compatible with
OpenBSD's use of them and I believe FreeBSD's is similar.  If you got that
working, I think all the interesting cases could be handled by openssl.
Note, it does generate the salt for you.

	Adrian
--
[ adrian@ubergeeks.com ]


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message