Re: Password Encryption Blues

From: phn@icke-reklam.ipsec.nu
Date: 05/22/02

  • Next message: Nico Kadel-Garcia: "Re: IP address <--> Global Positioning System (GPS)" 

    From: phn@icke-reklam.ipsec.nu
Date: 22 May 2002 20:37:52 GMT

    John <johnc_without_spam_thankyou@no1.com.au> wrote:
    > Peter, firstly THANK YOU. I really can;t thank you enough...been banging my
    > head against a wall.

    > I have that working. I can produce the clear text file but I have had no
    > luck encrypting it.

    encrypting ??

    The only encrypted stuff is field 2 , the password field. And
    i assume redhad uses DES ( as the freebsd will accept) . Just copy
    the characters and they most likley will work in freebsd.
    ( freebsd accepts MD5 oo, but i think the format will be recognized automativally)

    The resulting file is merged into /etc/master.passwd , which wil be
    converted to the "real" database with "pwd_mkdb"

    Note that opening the password database with the "vipw" command
    is The Right Thing, it will automatically run pwd_mkdb when you
    save your changes.

    Or are you trying to set the passwords in a script ?

    expect might be used to use the normal passwd command.

    Or did i misunderstand what you want ?

    > Have been trying both PW and PASSWORD in our script but both are wanting
    > input through command line interface. Although just been reading that the PW
    > command can be used in a script using a "FILE DESCRIPTOR"

    > MAN PW
    > <snip>
    > Because the command line and environment are fundamentally insecure
    > mechanisms by which programs can accept information, pw
    > will only allow setting of account and group passwords via
    > a file descriptor (usually a pipe between an interactive
    > script and the program). sh, bash, ksh and perl all pos­
    > sess mechanisms by which this can be done. Alternatively,
    > pw will prompt for the user's password if -h 0 is given,
    > nominating stdin as the file descriptor on which to read
    > the password. Note that this password will be read only
    > once and is intended for use by a script rather than for
    > interactive use.
    > </snip>

    > I can loop etc within my script for each entry and execute the PW command
    > but how to use the PW command has got us stumped......

    > Any additional suggestions or help you could offer? Really do appreciate
    > your time!

    > JohnC

    > <phn@icke-reklam.ipsec.nu> wrote in message
    > news:acfcap$s2a$2@nyheter.crt.se...
    >> John <johnc@no1.com.au> wrote:
    >> > HELP - I mean this sincerely.
    >>
    >> > I have spent almost a week on and off trying to convert a plain text
    > Unix
    >> > password file (as you would use in Linux but an unshadowed version of
    > it) to
    >> > run under FreeBSD
    >>
    >> > I understand the 3 extra fields required by FreeBSD and can convert
    >> > accordingly.
    >>
    >> > Would like to run a shell script to convert.
    >>
    >> > If anybody could spare me some basic steps of what to do, would be much
    >> > appreciated.
    >> > Or I can send somebody the script we have developed thus far? which
    > ever...I
    >> > am now desperate, hence posting this message.
    >>
    >> awk might be the easiest :
    >> awk -F: '{print $1 ":"$2":"$3":"$4":0:0:0"$6":"$6}' < /etc/passwd >
    > bsdpasswd.master
    >>
    >> ( the above contains probably some errors )
    >>
    >> > Thanking you all in advance.
    >>
    >> > John C
    >>
    >>
    >>
    >>
    >> --
    >> Peter Håkanson
    >> IPSec Sverige ( At Gothenburg Riverside )
    >> Sorry about my e-mail address, but i'm trying to keep spam out,
    >> remove "icke-reklam" if you feel for mailing me. Thanx. 

    -- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.