On Mon, 28 Apr 2003, Joshi, Vinay (MED, GEMS-IT) wrote: > I dont know the issue with encrypted passwds. As said before can be > picked up from shadow file. > or if you really want.. generate it .Create an executable ( compiled 4 > line C code, using crypt(), and seed as same as supplied passwd > generates the system passwds) > One thing bothers me no end. These passwords are generated with a salt. I've looked that the code (on Debian, that being to hand), and I see where the salt is a somewhat-randomly-generated string. I used this code: summer@Numbat:~$ cat bin/pw.encrypt #!/usr/bin/perl -w $passwd = $ARGV[0]; $salt = "\$1\$".$ARGV[1]."\$"; print(crypt($passwd, $salt)."\n"); summer@Numbat:~$ to generate encrypted passwords for one of the accounts here, and it doesn't match what is actually used. But then, I have the same root password on two RHL boxes, and the values in /etc/shadow differ too. So how does the checking work? Using the excellent advice to use the passwd command: [root@quokka root]# useradd fred [root@quokka root]# echo fred | passwd --stdin fred Changing password for user fred. passwd: all authentication tokens updated successfully. [root@quokka root]# grep fred /etc/shadow fred:$1$iyQ05jRt$iMf.XwnD7iUhI3Tv45ZPI.:12171:0:99999:7::: [root@quokka root]# Works well, but ... [root@gw root]# useradd fred [root@gw root]# echo fred | passwd --stdin fred Changing password for user fred passwd: all authentication tokens updated successfully [root@gw root]# grep fred /etc/shadow fred:$1$le3EjRvD$CDd82emph.w1nTPnW0k5z1:12171:0:99999:7::: [root@gw root]# Different encrypted passwords!! > > -----Original Message----- > From: John [mailto:red@xxxxxxxxxxxxxxxxxxxxxxx] > Sent: Monday, April 28, 2003 1:10 AM > To: 'kickstart-list@xxxxxxxxxx' > Subject: Re: Kickstart User Creation > > > On Mon, 28 Apr 2003, Gareth Bromley wrote: > > > On Sun, 27 Apr 2003, Robert Denton wrote: > > > useradd -G root -p menace phantom > > > To create a user by the name of phantom with a the password menace. > This > > > didn't work and after a review of the man page associated with > useradd, it > > > would seem that if you are going to include the password in this > command you > > > need to supply it in an encrypted form (with crypt(3)) and I am not > quite > > > certain how to do that. I also considered going the other route: > > > useradd -G root phantom > > > passwd phantom > > > But that requires further interaction and this doesn't seem to be > possible > > > in a kickstart post installation script. Has anyone tried this at > all? I > > > would appreciate any advice regarding the best way to do this. > > The best way is to make use of the usermod and associated tools. > > > > e.g. > > /usr/sbin/useradd myuser > > chfn -f 'A User' myuser > > /usr/sbin/usermod -p '$1$CrackThisOnePlease!!' myuser > > That requires an encrypted password, just the problem Robert wants to > overcome. > > > -- Please, reply only to the list. Join the "Linux Support by Small Businesses" list at http://mail.computerdatasafe.com.au/mailman/listinfo/lssb
