I want to allow anyone to log into my account on a server. To accomplish this, I would have an account with a simple password. Then, in the .bash_profile file, I'd have this line:

perl "login.pl"

[download]

The login.pl file would hold the following code:

#!/usr/bin/perl
$SIG{TSTP} = 'IGNORE';

system "stty -echo";
system "clear";

print "Enter Password: ";
$input = <STDIN>;
chomp $input;

open FILE, "<.admin";
@passwd = <FILE>;
chomp @passwd;
close FILE;

($nil, $passwd) = split(":", $passwd[0]);
$input = crypt($input, substr($passwd, 0, 2));

if ($input ne $passwd) {
system "clear";
system "stty echo";
print "Enter URL: ";
$url = <STDIN>;
chomp $url;
system "lynx $url";
exec "login.pl";

} else {

for $i (1 .. $#passwd) {
system "clear";
print "Enter Password: ";
$input = <STDIN>;
chomp $input;
($nil, $passwd) = split(":", $passwd[$i]);
$input = crypt($input, substr($passwd, 0, 2));
if ($input ne $passwd) { while (1) { system "clear"; print "Enter Pass
+word: "; $
a = <STDIN>; } }
}

system "stty echo";
system "clear";
print "Passwords Correct\n\n";
exit;
}

[download]

The .admin file looks something like this:

user1:password1
user2:password2
user3:password3
user4:password4
user5:password5

[download]

To sum it up, if the user does not enter the first correct password, it allows the user to only use lynx. The reason for the encrypted passwords is because anyone can look at the source of the script using lynx... Just pressing "g -> /home/user/login.pl" allows them to do so. I added the while loop in there so that if after the first password is entered correctly, the user has no idea whether or not the next 4 passwords are right! (Of course, this sucks for me if I enter one wrong!) The question is, anyone can also view the .admin file... Is 5 passwords enough (they are all VERY different in style and length). All I want to know is, do I risk any danger with this method of protection if I change the 5 passwords every week?

In reply to Is this script safe? by mt2k

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.