script to verify password

perldesire has asked for the wisdom of the Perl Monks concerning the following question:

Replies are listed 'Best First'.
Re: script to verify password by marto (Cardinal) on Aug 17, 2009 at 11:06 UTC
One solution would be to use something like Net::SSH::Expect to connect to the server using the login details you have, and check the `$login_output` Martin	[reply] [d/l]
Re: script to verify password by Perlbotics (Archbishop) on Aug 17, 2009 at 20:54 UTC
You didn't say if you want to check the password for a local or remote host. The other responses provide useful advice to validate the password by trying to access a remote system. However, it is not a good idea to allow root access at all. Consider to disable remote root access (see PermitRootLogin in sshd_config). Instead, login using a non-privileged account and then check the root password locally - as described by rovf and marto. If you want to check the root password locally, it would be nice to just mill the password and the salt through crypt and compare the result with the hashed password. However, on most systems, you need root privileges to access /etc/shadow in order to get the necessary information. Furthermore, some (most?) systems doesn't use crypt anymore. Update: Well, seems that crypt is smart enough to handle a variety of hash algorithms. However, on systems that store hashes in /etc/shadow, privileged access is still required - even for validation. The script below works - at least here - with any non-privileged account. .oO(always thought there is a program or library-call to validate passwords - but couldn't find one - other monks will know...) Meanwhile, the following snipped might be a suitable workaround: `use strict; use warnings; use IPC::Open2; chomp(my $pwd = <>); my($chld_out, $chld_in); my $phrase = quotemeta "lookatme-i-am-roy"; my $pid = open2($chld_out, $chld_in, '/bin/su -c echo\\ ' . $phrase . ' 2>&1'); print $chld_in $pwd , "\n"; my $outcome = grep(/$phrase/, <$chld_out>); print "Password is ", $outcome ? "valid\n" : "not correct!\n"; waitpid($pid, 0);` [download] It tries to run a single echo command after successfully switching user. The script checks for the expected output. HTH	[reply] [d/l]
Re: script to verify password by rovf (Priest) on Aug 17, 2009 at 13:19 UTC
Net::Telnet? -- Ronald Fischer <ynnor@mm.st>	[reply] [d/l]
Re^2: script to verify password by marto (Cardinal) on Aug 17, 2009 at 13:27 UTC
Perhaps not a good idea considering telnet security. Martin	[reply]
Re^3: script to verify password by rovf (Priest) on Aug 17, 2009 at 14:17 UTC
Perhaps not a good idea considering telnet security. IMO not an issue for people who store the root password in plain text in a variable.... -- Ronald Fischer <ynnor@mm.st>	[reply] [d/l]
Re^4: script to verify password by marto (Cardinal) on Aug 17, 2009 at 14:34 UTC
Re^5: script to verify password by rovf (Priest) on Aug 17, 2009 at 14:43 UTC
Re: script to verify password by perldesire (Scribe) on Aug 18, 2009 at 13:04 UTC
Thank you so much for all the monks.... Finally i used, getpwuid and crypt which was learnt from perldoc -f crypt. Thanks once again.	[reply]