logier@cheops.UUCP (Rob Logie) (02/19/91)
RE: Changing passwords from within a shell/c program I live in a country where "crypt" is not avaliable (To my knowedge) and the problem I have is how do you change a users password from a shell script, where typically the new password (and possiblly the old Password) would be passed as parameters to the script. The normal password program does not seem to be usable as it expects keyboard response. I require this facility so that I can co-ordinate passwords over multiple hosts on our network for users and also to co-ordinate passwords with Lan-Manager servers. Thanks in advance Rob Logie EMAIL: logier@cheops.qld.tne.oz.au
prl@iti.org (Peter Lamb) (02/19/91)
logier@cheops.UUCP (Rob Logie) writes: > RE: Changing passwords from within a shell/c program PS. I _do_ hope you don't intend making this a setuid shell script. peter -- Peter Lamb uucp: uunet!mcsun!ethz!prl eunet: prl@iis.ethz.ch Tel: +411 256 5241 Integrated Systems Laboratory ETH-Zentrum, 8092 Zurich
jik@athena.mit.edu (Jonathan I. Kamens) (02/20/91)
In article <39@cheops.UUCP>, logier@cheops.UUCP (Rob Logie) writes: |> RE: Changing passwords from within a shell/c program Get Dan Bernstein's "pty" package (available from the comp.sources.unix archive in volume 23). Then, you can run "pty passwd" instead of just "passwd" and pipe the username and password into it. I suspect you can also do this with Don Libes' "expect" program (available in /pub/expect.shar.Z on uunet.uu.net, and in other locations as well). -- Jonathan Kamens USnail: MIT Project Athena 11 Ashford Terrace jik@Athena.MIT.EDU Allston, MA 02134 Office: 617-253-8085 Home: 617-782-0710
duncan@comp.vuw.ac.nz (Duncan McEwan) (02/20/91)
In article <39@cheops.UUCP> logier@cheops.UUCP (Rob Logie) writes: >I live in a country where "crypt" is not avaliable (To my knowedge) I think you will find that crypt(3) is available in Australia. It certainly is in NZ and we are subject to the same export regulations. Whether it is a real DES based crypt or something else I don't know*, but it should certainly be the same routine that your system uses to encrypt users passwords (otherwise how would passwd(1) do it?). If you want to be sure, try compiling and running the following. Type your clear text password when prompted, (just make sure noone is looking over your shoulder at the time :-) and the first two characters of your password from /etc/passwd when asked for the salt -- the result it prints should be the same as your passwd entry. --- cut here --- char passwd[10], salt[5]; char *crypt(); main() { printf("passwd? "); scanf("%8s", passwd); printf("salt? "); scanf("%2s", salt); printf ("encrypted password is %s\n", crypt(passwd, salt)); } --- cut here as well --- * I believe the restriction prevents export of the DES algorithm from the US whereas the crypt(3) routine implements a "modified" DES and so is not covered, but am open to correction on this. -- Duncan
pd@x.co.uk (Paul Davey) (02/22/91)
>>>>> On 19 Feb 91 20:15:34 GMT, jik@athena.mit.edu (Jonathan I. Kamens) said: Jonathan> In article <39@cheops.UUCP>, logier@cheops.UUCP (Rob Logie) writes: Jonathan> |> RE: Changing passwords from within a shell/c program Jonathan> Get Dan Bernstein's "pty" package (available from the comp.sources.unix Jonathan> archive in volume 23). Then, you can run "pty passwd" instead of just Jonathan> "passwd" and pipe the username and password into it. Jonathan> I suspect you can also do this with Don Libes' "expect" program (available Jonathan> in /pub/expect.shar.Z on uunet.uu.net, and in other locations as well). Alternatively assuming you have networking you could use rsh (or remsh on SYSV) to handle the ptys for you. rsh `hostname` passwd < scriptfile where scriptfile contains two lines eg foobar foobar Not particluarly secure, but quick and fairly widely applicable. -- Regards, pd@x.co.uk IXI Limited Paul Davey pd@ixi.uucp 62-74 Burleigh St. ...!uunet!ixi!pd Cambridge U.K. "These are interesting times" +44 223 462 131 CB1 1OJ
root@mentorg.com (systems) (02/23/91)
In article <39@cheops.UUCP> logier@cheops.UUCP (Rob Logie) writes: >would be passed as parameters to the script. The normal password program >does not seem to be usable as it expects keyboard response. I heard a talk on "expect" at the LISA conference in colorado springs. It will let you get around the problem of passwd wanting keyboard response. Here is an excerpt from the README file... expect may be ftp'd as pub/expect.shar.Z from durer.cme.nist.gov. Request email delivery by mailing to "library@cme.nist.gov". The contents of the message should be (no subject line) "send pub/expect.shar.Z". Once you have retrieved the system, please read the INSTALL file. The papers mentioned above can be retrieved separately as pub/expect.ps.Z and pub/expect-sysadm.ps.Z. The expect program requires Tcl (which you may already have). (The expect library does not need Tcl.) Tcl for BSD may be retrieved as pub/tcl.tar.Z in the same way as described above for expect. When new releases of Tcl appear from Berkeley, I will try to check them out for expect as soon as possible. If you would like to get the newest Tcl release without waiting, ftp pub/tcl.tar.Z from ucbvax.berkeley.edu. You may request email copies of Tcl by writing to ouster@sprite.berkeley.edu. Tell him whether you want Tcl for BSD or SV.