Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re^2: replacing password in a file

by afoken (Chancellor)
on May 13, 2015 at 18:57 UTC ( [id://1126582]=note: print w/replies, xml ) Need Help??


in reply to Re: replacing password in a file
in thread replacing password in a file

Perl has the crypt() function that uses DES

Are you sure? All documentation I found just states that crypt() calls crypt() in the C library. And that function in the C library is free to choose any algorithm. Maybe crypt() in your perl on your computer uses DES. But that is just how the C library on your computer is implemented. On other computers, the C library may use a different algorithm, perhaps even choose one of a few depending on some external configuration.

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

Replies are listed 'Best First'.
Re^3: replacing password in a file
by GotToBTru (Prior) on May 13, 2015 at 19:04 UTC

    My copy of "The Perl 5 Programmer's Reference" says it uses DES. It's from 1997. Next time I'll double check with perldoc.

    Dum Spiro Spero
      My copy of "The Perl 5 Programmer's Reference"

      Has a review here: The Perl 5 Programmer's Reference. I think I saw it in a store or some illegal copy somewhere on the net, and it is barely more than the perldoc that came with perl.

      says it uses DES. It's from 1997. Next time I'll double check with perldoc.

      Just ran a search for "DES" on my local POD for perl 5.18.1 (from 2013), and got only one match: perlcygwin allows to compile perl with -lcrypt, explicitly mentioning DES: "The crypt package distributed with Cygwin is a Linux compatible 56-bit DES crypt port by Corinna Vinschen."

      Since the book is from 1997, and is essentially a printed perldoc, a Perl version from that time should mention DES.

      perl 5.004, dated 15 May 1997 (first from 1997 on CPAN)
      perlfunc says: "Encrypts a string exactly like the crypt(3) function in the C library", no trace of DES. Not even a brute force search is successful, only tons of false positives (DESTROY, DESCRIPTION).
      perl 5.003_07, dated 10 Oct 1996 (the oldest one on CPAN)
      perlfunc has the same text, and the search has again only false positives.

      So, where does the DES information come from?

      A really brute force search across all perl versions on perl5.git.perl.org has quite a few matches with many false positives and many test scripts, but none before 1997-12-24. Perl 5.003_07 has only false positives, i.e. no trace of DES in Perl 5.003_07. Older versions have been excluded by the git brute force search.

      The Win32/cygwin ports had DES for ages, using a third party DES crypt() implementation. But for other systems, DES is not mentioned (or at least I did not find any hints.)

      So the book must be either wrong (assuming crypt implements DES for all operating systems) or badly worded (making you think Win32 DES crypt or DES crypt in some libc apply to all operating systems).

      Alexander

      --
      Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

        That's about right. It's useful for reminders about syntax, but the usage examples are really hit and miss, and this is a good example of a miss. Under usage for crypt(), it begins "The crypt function allows you to encrypt string according to the NBS Data Encryption Standard algorithm, or DES." Whether or not that was true back then (very unlikely considering your research), it isn't true now. Solution is the same: check perldoc.

        Dum Spiro Spero
      user1 { pwd=hello group=accounts } user2 { pwd=godknows group=admin } i want to change the pasword of a particular user. I used grep function to get the pasword line no. after tht i m using awk command to change the pasword. But how can i used it I cant understand.plz help me ,how can i update tht pasword.

        1. Search here or in here for examples of how to replace text in a file.

        2. Find out what method has been used to encrypt the passwords in the first place.

        3. Put those together in a script, and if it doesn't work, share it with us and we can help.

        I'm not interested in writing programs for you (unless you are paying). I delight in helping people learn to program in Perl. The same is true for most of the people here.

        Dum Spiro Spero

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://1126582]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others goofing around in the Monastery: (9)
As of 2024-03-28 11:53 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found