Hi!
How can I add a password for a user from file? I
tried "passwd user <file", but it doesn't work.
Help me, please!
GabX
by Budai Gabo » Fri, 02 Jul 1999 04:00:00
How can I add a password for a user from file? I
tried "passwd user <file", but it doesn't work.
Help me, please!
GabX
by Andreas Schlag » Sat, 03 Jul 1999 04:00:00
>How can I add a password for a user from file? I
>tried "passwd user <file", but it doesn't work.
>Help me, please!
>GabX
this won't work because the 'passwd' command is not able to read the password
from stdin due to security reasons.
regards,
Andreas Schlager
M. Kaindl Holzindustrie
Walser Weg 12
A-5071 Wals / Salzburg
by ian Lain » Mon, 05 Jul 1999 04:00:00
As stated in a previous append - use of "here" documents and redirection
of input simply isn't allowed for passwd for security reasons.
Imagine allowing a user to simply type passwd userid new-password.
The first thing a hacker's going to do is scan as many .sh_history files
as they can to find out passwords or just a "sniff" of where the input
file is to see if they can see inside it.
That said you can find some sample code out there to allow you to create
your own C code to do the job and there are samples out there that are
ready to compile.
Try scanning web for chpass (I think) as thats what I used some time ago
to develop a password change program - understand though that you need
to be root to run it and you have to be careful to tidy up after you and
chmod 000 input files so only root can read them (or better still delete
them after use).
I also read about some time ago a "product" called Expect(?) which
allows amongst other things scripting password changes but don't know
how that works.
Cheerio,
ian Laing
by Toni Andjelkovi » Tue, 06 Jul 1999 04:00:00
#!/usr/bin/perl
# chpasswd.pl
#
use Expect;
$usage = "$0 username new-password";
$USER = $ARGV[0] or die "$usage\n";
$NEWPASS = $ARGV[1] or die "$usage\n";
$command = Expect->spawn("/usr/bin/passwd $USER") or die "$!\n";
die "$!\n" unless $command->expect(5,"password:");
print $command "$NEWPASS\r";
die "$!\n" unless $command->expect(5,"password:");
print $command "$NEWPASS\r";
sleep(1);
$command->hard_close();
exit(0);
nevertheless, as ian said, you really should consider
your .sh_history before using it.
cheers,
--
Toni Andjelkovic | (TA627-RIPE) |
--------------------------------------------------
Hello,
I administrate several Sun Ultra1 workstations running Solaris 2.5.1 4/97
with several patches. All credentials and permission rights seem to
be ok, but if a user attempts to change his password on a client machine,
the following error message appears:
riker:schorsch:{/home/kirk1/schorsch}{33}:nispasswd
nispasswd: Changing password for schorsch
Enter login(NIS+) password:
Sorry: wrong passwd
Permission denied
The passwort changing on the server works fine.
Has somebody a solution for this problem?
Thanks a lot and bye,
Christian Becker
2. system("ls") --> C program ?
4. Penmouse
5. Shadow Passwd problems - does not work
9. Can't change password - PASSWD problem
10. passwd problem
11. Redhat 4.2 passwd problems
12. passwd problem