Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

How to use MD5?

by pmme (Initiate)
on Sep 17, 2002 at 19:08 UTC ( [id://198592]=perlquestion: print w/replies, xml ) Need Help??

pmme has asked for the wisdom of the Perl Monks concerning the following question:

Hi all

I have been using the following script to create passwords for user accounts, and just got my wrists slapped because it is not creating md5 passwords, instead, its just creating plain crypt passwords.
my @chars = ('a'..'z', 'A'..'Z', 0..9); my $password = do {{ local $_ = join "" => map {$chars [rand @chars]} 1..8; redo unless /[a-z]/ && /[A-Z]/ && /\d/; $_; }}; my $salt = join '', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]; my $encrpass = crypt($password, $salt);
I have looked into Digest::MD5, but i am lost on how to use it.

Help would be much apprecaited.

Replies are listed 'Best First'.
Re: MD5?
by fokat (Deacon) on Sep 17, 2002 at 19:30 UTC
    Why don't you simply go with Crypt::PasswdMD5, which makes this easier?

    Digest::MD5 is only the digest function. It still is not the same as what you're doing.

    Regards.

      is there any reason why this wouldn't work then
      #! /usr/bin/perl use Digest::MD5 qw(md5 md5_hex md5_base64); my $password = 'hello'; my $encrpass = md5_hex($password); system "adduser -p $encrpass bob";
      I know its dodgy running system commands like that, but i stress i just knocked this up real quick to see if it would work.

      When i try to log in as bob with the pass of hello, it won't let me in
        The friendly crypt() function that you're likely to find in any *nix operating system, applies a (hopefully) cryptographically strong hashing function to the supplied password and salt. The general idea behind this, is converting the cleartext password you gave it into a hash (some people uses the term signature).

        With that hash, it is computationaly infeasible to find a strong-enough password. What this means in lay man terms, is that it is very hard to learn the original (cleartext) password out of the hash and salt that lives in /etc/passwd.

        I know of two common implementations of the crypt() functions: The DES based and the MD5 based. Newer systems tend to use the MD5 based crypt(), for a number of reasons.

        Note that the MD5-based crypt() is not the same as obtaining the hash of your password with Digest::MD5 or similar. The algorythm used internally by the MD5-based crypt() uses a number of transformations in which the MD5 algorythm is used, but is very different.

        Crypt::PasswdMD5 implements this algorythm in Perl, allowing you to reproduce the result of said crypt() functions in non-*nix systems or systems without a compatible crypt() implementation.

        Regards.

        This sets the password to the hex-encoded MD5 digest of the password (which eventually gets encoded using some variant of crypt before making it into your /etc/passwd). So it would "work", except that instead of typing the actual password at the prompt, you'd need to type in the MD5 hash. I doubt this is what you want.
Re: MD5?
by fglock (Vicar) on Sep 17, 2002 at 19:16 UTC
    use Digest::MD5 qw(md5 md5_hex md5_base64); my $encrpass = md5($password); # binary or my $encrpass = md5_hex($password); # human-readable or my $encrpass = md5_base64($password); # human-readable too
      How can i decrypt and use the password again?
      do i need to define anything else, as if i just use the two lines
      my $password = 'hello'; my $encrpass = md5($password);
      it doesn't work? ideas?
        That doesn't do what you want. Have a look at the reply from fokat below; it has the/a correct answer. Also, if your libc's crypt supports MD5 passwords natively, all you have to do is generate an appropriate salt; see this node for more info.
        that's why fglock had that line at the top of his post...

        use Digest::MD5 qw(md5 md5_hex md5_base64);
Re: MD5?
by sauoq (Abbot) on Sep 17, 2002 at 19:27 UTC

    You will likely want to use Digest::MD5::md5_hex() rather than Digest::MD5::md5(). The latter returns a binary digest. The former is more suitable for files which should be human editable because it returns the hexadecimal encoding of the binary digest.

    -sauoq
    "My two cents aren't worth a dime.";
    
Re: How to use MD5?
by no_slogan (Deacon) on Sep 18, 2002 at 00:25 UTC
    Here's an older node of mine that might help you get started md5-crypting passwds.
      Mdillon: the exact purpose of this is to create a user using adduser bob -p $encrypass as the command, run from a perl script. i'm stuck :-(
        First, you need to generate an appropriate salt. The code provided by tadman in this node should work.

        Then, either install Crypt::PasswdMD5 and use:

        use Crypt::PasswdMD5; my $crypted = unix_md5_crypt $passwd, $salt;
        Or, since you're apparently using RedHat (since adduser is a RedHat-specific command AFAIK) and your libc's crypt should do MD5-crypt automatically given a proper MD5 salt, use: my $crypted = crypt $passwd, $salt; To make sure this works, print the value of $crypt; it should be something like $1$b1yv9grF$mpwoS2r11VtENFrAmF2WW/ (instead of the shorter string returned by traditional DES-crypt). Once you've confirmed that you have what looks like an MD5-crypted password, use the value of $crypted in your command line:
        system("adduser", "bob", "-p", $crypted) == 0 or die "Error adding user 'bob': $!$/";
        The secret to getting crypt to work correctly is in providing a salt starting with '$1$' and having 8 characters (instead of the normal 2 used for DES-crypt). There are similar conventions for using other crypt variants (e.g. '$2$' for SHA-crypt).

        my  man adduser says:

        -p passwd The encrypted password, as returned by crypt(3). The default is to disable the account.

        That is, unless you use a modified adduser, you have to provide a crupt'ed password (not md5).

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://198592]
Approved by VSarkiss
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others exploiting the Monastery: (2)
As of 2024-03-19 06:11 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found