Re: Shadow Passwords

Try using Crypt::Passwd or Crypt::PasswdMD5 to generate the hashed password. The salt bytes are *very* important, as these protect your passwords from pre-computed hash lists. Use random bytes for these (Math::TrulyRandom comes to mind).

Best regards

-lem, but some call me fokat

Comment on Re: Shadow Passwords

Replies are listed 'Best First'.
Re: Re: Shadow Passwords by Anonymous Monk on May 03, 2003 at 16:57 UTC
is it possible to do this then: my $epassword = `openssl passwd -apr1 -salt '$1' '$password'`; !system ('useradd', '-g', 'users', '-d', "/home/$username", '-p', $epassword, '-s', '/bin/false', '-c', $fullname, $username) or die "Creation of User Failed"; [download]	[reply] [d/l]
Re: Re: Re: Shadow Passwords by fokat (Deacon) on May 03, 2003 at 18:05 UTC
I would seriously consider Util's (++) suggestion about using Expect. His point about PAM and hashing algorythm is worthy of examination, IMHO. This also makes the solution more portable, as generally `passwd` has a very similar behavior among systems. This is not true for `useradd` or `adduser`. Best regards -lem, but some call me fokat	[reply]