no crypt

mson · 04-26-2007, 04:56 AM

dear members,

iam missing the crypt-command in my slackware 10.2.

iam a newbee @linux and want to add a sytem-user using a servlet.
i need one command-line to add a user and set the encryptet pw.

can anyone help me ?

greez

the_ajp · 04-26-2007, 06:11 AM

you want to add a user in one command ? hehe try man useradd.

it will probably be something like

useradd -d /home/username -s /bin/bash -p password username

mson · 04-26-2007, 07:20 AM

>> useradd -d /home/username -s /bin/bash -p password username

ofcourse...but in this case i must give the password crypted.

so i need a script or a single commandline witch crypt the pw and give it to the
useradd command.

titopoquito · 04-26-2007, 07:28 AM

I searched for that some days ago, but although I have a strong hint I could not get it working - the computed output and the entry in /etc/shadow (generated from "passwd") still differ. openssl might be able to do this: http://www.linuxjournal.com/node/8958/print

titopoquito · 04-26-2007, 07:31 AM

Give it some salt and the meal is ready

http://www.madboa.com/geek/openssl/#passwd-md5

tronayne · 04-26-2007, 07:38 AM

Perhaps you mean something like this?

This program, cvspas, is used to generate the password entry for CVS; it prompts for the password and prints the login name of the person running the program along with the encrypted password.

The output is, for example,

Code:

# cvspas
Password to encrypt: type_the_password
userid:KeGoQCkfp7XYw

Compile it with

Code:

cc -O3 -s -o cvspas cvspas.c -lcrypt

Here's the source.

Code:

#include <stdio.h>
#include <stdlib.h>
#include <pwd.h>
#include <time.h>
#define _XOPEN_SOURCE
#include <unistd.h>

extern  char    *crypt  (const char *, const char *);

int     main    (int argc, char *argv [])
{
        char    salt [3];
        char    *passwd, *encryptedpw;
        char    *user;
        int     i;

        /*      seed the random number generator        */
        srand ((int) time ((unsigned int) NULL));
        /*
         *      we need two random numbers in the range
         *      >= 65 <= 90 or >= 97 <= 122 (that's A - Z
         *      or a - z inclusive) for the salt characters
        */
        while ((i = rand()) < 65 ||
                i > 90 && i < 97 ||
                i > 122)
                ;
        salt [0] = i;
        while ((i = rand()) < 65 ||
                i > 90 && i < 97 ||
                i > 122)
                ;
        salt [1] = i;
        salt [2] = '\0';
        /*      find out who we are                     */
        if ((user = getenv ("USER")) == (char *) NULL) {
                (void) fprintf (stderr,
                    "%s:\tunable to determine user id\n",
                    argv [0]);
                exit (EXIT_FAILURE);
        }
        /*      ask for the password                    */
        passwd = getpass ("Password to encrypt: ");
        /*      crypt() only looks at the first two characters of salt  */
        encryptedpw = crypt (passwd, salt);
        (void) fprintf (stdout, "%s:%s\n", user, encryptedpw);
        exit (EXIT_SUCCESS);
}

Now, this is just a demonstration program -- the use of the rand() function to generate the salt characters is not the most efficient way to that and, consequently, the program takes a few seconds before the password prompt appears. But, it does produce a usable encrypted password so there you are.

See the manual pages for the functions the program calls if you want more information.

mson · 04-27-2007, 02:10 AM

thanks for the script!

i tryed the openssl and it seams to work fine.
now my next question:

how can i combinate the openssl command with the useradd command in ONE line to generate a new user with encrypted password ?

many thanks...

titopoquito · 04-27-2007, 04:44 AM

It's not exactly a one-liner, although you can of course append the lines with ";". And it's not the best method I guess.
I export first some variables, a better choice I guess would to put the lines in a bash script and use parameters $1 $2 and $3 instead of the static export lines.

Code:

export SET_USER=username
export SET_SALT=3gZekj8m # should be random of course
export SET_PASSWD=mypassword
export ENC_PASSWD=$(openssl passwd -1 -salt $SET_SALT $SET_PASSWD)
useradd -g users -G video,cdrom,floppy -m -p "$ENC_PASSWD" -s /bin/bash $SET_USER

# clean up, not necessary if called from script
unset SET_USER SET_SALT SET_PASSWD ENC_PASSWD

EDIT: I assumed you might want to use it in a bash script to automate the process of creating a user. If you don't need this you could simplify my script and write all commands in one line:

Code:

export ENC_PASSWD=$(openssl passwd -1 -salt 3gZekj8m mypassword) ; useradd -g users -G video,cdrom,floppy -m -p "$ENC_PASSWD" -s /bin/bash username ; unset ENC_PASSWD

EDIT 2: Even shorter works too:

Code:

useradd -g users -G video,cdrom,floppy -m -p "$(openssl passwd -1 -salt 3gZekj8m mypassword)" -s /bin/bash username