Date: Fri, 20 Nov 1998 18:50:11 -0500 From: "Allen Smith" <easmith@beatrice.rutgers.edu> To: dannyman <dannyman@dannyland.org>, ee123@rocketmail.com, freebsd-hackers@FreeBSD.ORG Subject: Re: Password generator Message-ID: <9811201850.ZM5103@beatrice.rutgers.edu> In-Reply-To: dannyman <dannyman@dannyland.org> "Re: Password generator" (Nov 20, 6:21pm) References: <19981120163916.17293.rocketmail@web1.rocketmail.com> <19981120171714.P14320@enteract.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 20, 6:21pm, dannyman (possibly) wrote:
> On Fri, Nov 20, 1998 at 08:39:16AM -0800, EE wrote:
> > Hy,
> > I'm looking for a password generator.
> > Does anybody know where I can found one?
>
> Perl code snippet:
>
> sub get_password {
> my @ary = ( 0 .. 9, 'A' .. 'Z', 'a' .. 'z', 'z', '!', '$', '%');
> my $password;
> my $pw_len = rand(5)+6;
> for(1..$pw_len) {
> $password .= $ary[rand(@ary)];
> }
> return $password;
> }
>
> This is actually a labotomised function call that's part of a script I wrote
> to add users to our system. It generates a random password if the user
> doesn't supply one.
IIRC, the original requestor was wanting one that would produce
_pronouceable_ passwords. I don't have one, but the following is an
improved version of the above (written for about the same purpose):
use MD5;
sub makepass
{
my($string,$stringinit,$tmpfile) = ('','','');
unless (defined($tmpdir) && (-w $tmpdir) && (-d $tmpdir))
{
$tmpdir = &tmpdir();
}
my($string2) = '';
while (length($string) < 8)
{
until (($tmpfile ne '') && (-e $tmpfile) && ($? == 0))
{
while (($tmpfile eq "") || (-e $tmpfile))
{
$tmpfile = $tmpdir . "/" . "randpass" . int(rand(10000));
}
`$pgp +makerandom=48 $tmpfile >/dev/null 2>/dev/null`;
if (($? != 0) && (-e $tmpfile))
{
unlink $tmpfile;
}
}
open(PGP, $tmpfile) || (die "Can't open $tmpfile: $!\n");
unlink $tmpfile;
$context = new MD5;
$context->reset();
$context->addfile(PGP);
$stringinit = $context->digest();
$stringinit = substr($stringinit,0,int(length($stringinit)/2)) ^
substr($stringinit,int(length($stringinit)/2),length($stringinit));
if (length($string2) > 0)
{
foreach $character1 (split(/.*/,$string2))
{
my($new_stringinit) = '';
foreach $character2 (split(/.*/,$stringinit))
{
$new_stringinit .= $character1 ^ $character2;
}
$stringinit = $new_stringinit;
}
$string2 = '';
}
for ($i = 0; $i <= length($stringinit); $i++)
{
my($stringchar) = ord(substr($stringinit,$i,1));
if ($stringchar > 94) # 188 = int (2**8 / 94) * 94; by Peter da Silva
{
$string2 .= substr($stringinit,$i,1);
}
else
{
$stringchar = ($stringchar % 94) + 33;
$string .= chr($stringchar);
}
}
$string2 .= $string;
$string =~ tr/-a-zA-Z2-9=[]\\;,.\/~!@\#$%^&*()+{}|:""<>?//cd;
$string2 =~ tr/-a-zA-Z2-9=[]\\;,.\/~!@\#$%^&*()+{}|:""<>?//d;
}
if (length($string . $string2) > 8)
{
my($number) = rand(32768);
foreach $character (split(/.*/,substr(($string . $string2),8)))
{
$number ^= ord($character);
}
srand($number); # yes, this may very well call srand multiple times... one reason for inc rand in it
}
close PGP;
return substr($string,0,8);
}
You'll need to put in a new way to get a secure temporary directory
(&tmpdir()) calls a perl module that I'm still working on getting into
publishable form) and have a copy of pgp around (and with $pgp
equalling its location).
-Allen
--
Allen Smith easmith@beatrice.rutgers.edu
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9811201850.ZM5103>