$pwd = (getpwuid($<))[1];

                   system "stty -echo";
                   print "Password: ";
                   chomp($word = <STDIN>);
                   print "\n";
                   system "stty echo";

                   if (crypt($word, $pwd) ne $pwd) {
                       die "Sorry...\n";
                   } else {
                       print "ok\n";
                   }
[download]

CU
Robartes-

Hi,
Sorry, but the way proposed by robartes, while certanly a solution is not 'the right thing'.

If you want to authenticate a user there are two aspects that must be adressed:

• you must get the password without echoing it back
• you must check the password agains the user password known to the system.

The first problem depends on the kind of interface you use (GUI, command line...). I'll try to help you there if you say something more about your interface.

the second problem is where the meat is. If, as it is the case of allmost all Unix installation these days, your system uses PAM, you could use the wonderfull modules avaible on CPAN Authen::PAM and Authen::SimplePam. The first is more powerfull, while the second, as the name suggests, is simpler and generally adapted to solve the kind of problems you have.

If any problem should arise using these modules, feel free to ask again, I'll try to help as well as I can

Hoping the help does some good...

#!/usr/bin/perl
#Check password encryption 

$username  = shift || die "Usage $0 username plaintext_password\n";
$plaintext = shift || die "Usage $0 username plaintext_password\n";
$encpass    = (getpwnam($username))[1];
print "Testing encryption ... ";

if (crypt($plaintext, $encpass) ne $encpass) {
  print "FAILED\nTrying MD5 encryption ... ";
  if ( eval "use Crypt::PasswdMD5" ) {
    print "FAILED\n\nCannot try MD5 since Crypt::PasswdMD5 is not inst
+alled.\n";
  } else {
    if (&unix_md5_crypt($plaintext, $encpass) ne $encpass) {
      print "FAILED\n\nUnable to automatically use passwords from your
+ system.\n";
    } else {
      print "OK\n\nMD5 passwords were detected.\n";
    }
  }
} else {
  print "OK\n";
}
[download]

That approach is going to fail on any system that uses shadow password files. Many modern Unices use shadow password files.

Abigail

Abiigail-II said::

That approach is going to fail on any system that uses shadow password files.

I don't know why. getpwent() and friends do the right thing even in systems with shadow passwords, provided you are superuser.

Perl's crypt() will call whatever crypt() is there in the system's library. Crypt::Passwd and Crypt::PasswdMD5 will cover the gap if you want to use a file from a different (incompatible) crypted password, but this is not the case at hand..

Best regards

-lem, but some call me fokat

You could simply define the username/password in your program, and see if it matches the ones the user submits. But this has nothing to do with Perl. You could do this in many other languages.

We are talking about an app with root access but no brute forcing or stuff like that.

Oh, so the password would be the password of a system account? Your question is poorly worded. Why does your application need root access? I would try to avoid that, if I were you. (And don't even think of putting the root password in the program, like I suggest above.) If you must use a system account, then I would create a special account, which only has privileges to accomplish what your application needs done.