How to use nisaddcred from script?

How to use nisaddcred from script?

Post by Marcel Kno » Mon, 14 Aug 1995 04:00:00



I made a script to create a complete home directory without interaction with
the system-administrator. The only problem is that I can't do a "nisaddcred"
in this way. Does anyone know a method to perform a nisaddcred without
user interaction or how to create the several keys with a normal subroutine?
I looked in Answerbook and the manual pages, but I must be looking with
something else than with my eyes because I can not find anything useful
about it.

Kind regards,

Marcel Knol
(Running Solaris 2.4 on Sparc)

 
 
 

How to use nisaddcred from script?

Post by Jeff Mcada » Mon, 14 Aug 1995 04:00:00



>I made a script to create a complete home directory without interaction with
>the system-administrator. The only problem is that I can't do a "nisaddcred"
>in this way. Does anyone know a method to perform a nisaddcred without
>user interaction or how to create the several keys with a normal subroutine?
>I looked in Answerbook and the manual pages, but I must be looking with
>something else than with my eyes because I can not find anything useful
>about it.

I assume you are saying this because of the prompt for the password?

Look in the man page for nisaddcred and look for the -l option.

Jeff McAdams             | "A strange game.                          
IgLou Internet Services  |  The only winning move is not to play."  


 
 
 

How to use nisaddcred from script?

Post by Phillip Vand » Mon, 14 Aug 1995 04:00:00




[...]
>>the system-administrator. The only problem is that I can't do a "nisaddcred"
>>in this way. Does anyone know a method to perform a nisaddcred without
>>user interaction or how to create the several keys with a normal subroutine?
>>I looked in Answerbook and the manual pages, but I must be looking with
>>something else than with my eyes because I can not find anything useful
>>about it.
>I assume you are saying this because of the prompt for the password?
>Look in the man page for nisaddcred and look for the -l option.

Here's something I can't figure out. All of the various manpages of
commands that take passwords on the command line acknowledge the
security considerations of doing this, but don't offer solutions.
Why not use the environment to transfer the password? Is there something
insecure about that?

-Phil

 
 
 

How to use nisaddcred from script?

Post by Dan Strombe » Thu, 17 Aug 1995 04:00:00




>Here's something I can't figure out. All of the various manpages of
>commands that take passwords on the command line acknowledge the
>security considerations of doing this, but don't offer solutions.
>Why not use the environment to transfer the password? Is there something
>insecure about that?

The environment can often be inspected with "ps auxwwe", on a system
with a BSDish ps.

You're better off using standard input, if you insist on doing
password manipulation in sh/csh scripts.  I'd recommend C, or a more
complete scripting language (EG python), instead.

 
 
 

How to use nisaddcred from script?

Post by John-Paul Robins » Thu, 17 Aug 1995 04:00:00


: Here's something I can't figure out. All of the various manpages of
: commands that take passwords on the command line acknowledge the
: security considerations of doing this, but don't offer solutions.
: Why not use the environment to transfer the password? Is there something
: insecure about that?

: -Phil

What are the thoughts on en-crypting the credentials in the script
and then using the nistbladm command to fill in the fields.  I know
you can do this with normal passwords using crypt, but are there
functions which provide the encrypted DES fields for cred?  If so
you could write a wrapper around it for perl.

john-paul
UAB Physics

 
 
 

1. Using NIS+ C API to emulate nisaddcred command

I am developing an application to manipulate NIS+ tables
using the NIS+ C API for doing things like adding users,
deleting users, etc.  The current application uses alot
of system() calls to nis commands such as nistbladm and
nisaddcred.  I need to emulate those commands with C code
but am having trouble reverse engineering exactly how the
nisaddcred call creates the values for the public_data and
private_data columns of the cred table DES entry.  These
fields are the private and public keys for the user.  Are
these keys generated using the secure_RPC function key_gendes()?
The private_data key is encrypted, does this mean I need to
set the EN_CRYPT flag for that entry column before calling
nis_add_entry()?

   Any insights into how these credential fields are created
would be appreciated.

  Thanks

----------------------------------------------------------------------

MOREnet System Programming               |  for a dull computer...   |
Missouri Research and Education Network  |       AMIGA!              |
----------------------------------------------------------------------

2. Why printk()'s behavior different?

3. nisaddcred: no password entry found for uid

4. Group writable directory

5. Problems with `nisaddcred des'

6. modem question

7. Failed nisaddcred LOCAL step in NIS+ root domain setup

8. mount nfs fails after 4.4.1

9. NIS+ nisaddcred

10. nisaddcred buggy ???

11. Nisaddcred question

12. nisaddcred -l don't work

13. Copy files using filenames from text files with shell script or bash script