OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Axel Scheepers (ascheepesurf.iae.nl)
Date: Wed Jun 06 2001 - 13:07:23 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Really weird,
    I made a small mistake the other day which resulted in plaintext passwords in the
    password database. I ran the db trough perl using the crypt function to generate
    the passwords and everything was ok again ...
    How many characters are in the enc. pw field ? There should be 13.

    Hope this helps in a way ..
    Gr,
    Axel

    On Wed, Jun 06, 2001 at 12:58:26PM -0400, David Miner wrote:
    > On Wed, 6 Jun 2001, Olivier Nicole wrote:
    >
    > > > > I wonder if crypt in Perl corresponds to crypt(3). There must b some
    > > > > reason somewhere...
    > > >
    > > > Yeah, of course it does :
    > > >
    > > > setantaeshaft setantae$ perldoc -f crypt
    > > > crypt PLAINTEXT,SALT
    > >
    > >
    > > I'd assume it does, but I know I would check it anyway :)
    > >
    > > Olivier
    > >
    > If I knew how.
    >
    > My "inspiration" for this was a series of messages back on May 2nd.
    >
    > This is the main one I used for my example:
    >
    > Date: Wed, 2 May 2001 17:58:50 +0200
    > From: Andrzej Groth <A.Grothgdansk.multinet.pl>
    > To: freebsd-securityFreeBSD.ORG
    > Subject: Re: useradd/adduser
    >
    > On Wed, 02 May 2001, Peter Pentchev wrote:
    >
    > > On Wed, May 02, 2001 at 06:02:57PM +0300, Peter Pentchev wrote:
    > > > On Wed, May 02, 2001 at 03:59:50PM +0100, Lee Smallbone wrote:
    > > > > I see what you mean about the synopsis...!
    > > > >
    > > > > From what I can see it isn't possible to supply the password to pw?
    > > > > I'm using md5 passwords, and can easily have the script in question
    > encode
    > > > > the password prior to calling pw, so is it possible to use (in the
    > verse
    > of
    > > > > pw), something along the lines of:
    > > > >
    > > > > pw useradd -n test -c "Test User" -d /home2/test -m -s sh
    > $md5encpass
    > > > >
    > > > > ?
    >
    > so...
    > pw useradd -n test -c "Test User" -d /home2/test -s /bin/sh; chpass -p
    > $md5encpass test
    >
    > ? ;-)
    >
    > br.
    > --
    > Andrzej Groth
    >
    >
    > I changed it to a system call from perl and went on.
    >
    > David
    > ---------------------------------------------------------------------
    > David R. Miner minerlis.fsu.edu
    > Systems Integrator voice: 850-644-8107
    > School of Information Studies fax: 850-644-6253
    > Florida State University
    > Tallahassee, FL 32306-2100
    >
    >
    >
    > To Unsubscribe: send mail to majordomoFreeBSD.org
    > with "unsubscribe freebsd-security" in the body of the message 

    -- 
Met vriendelijke groet,
VIA NET.WORKS Nederland

    Axel Scheepers
Operations
phone 	+31 40 239 33 93
fax 	+31 40 239 33 11
e-mail 	eindhoven.beheervianetworks.nl
http://www.vianetworks.nl/

    To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message