Wong_powah@yahoo.ca : > How to generate a password string to be used by the useradd command? > e.g. If I want my password to be "zxASqw12", then what should the > parameter of the "useradd test -p" command be?
The manpage says that's the encrypted password as returned from crypt. I see there's something called mcrypt to replace crypt, so maybe:
> How to generate a password string to be used by the useradd command? > e.g. If I want my password to be "zxASqw12", then what should the > parameter of the "useradd test -p" command be?
Why don't you just use the `passwd' utility?
Regards, Ertugrul S=C3=B6ylemez.
-- Security is the one concept, which makes things in your life stay as they are. Otto is a man, who is afraid of changes in his life; so naturally he does not employ security.
On Jul 9, 10:24 pm, Ertugrul Soeylemez wrote: > wong_po...@yahoo.ca (07-07-09 09:11:43): > > How to generate a password string to be used by the useradd command? > > e.g. If I want my password to be "zxASqw12", then what should the > > parameter of the "useradd test -p" command be? > Why don't you just use the `passwd' utility? > Regards, > Ertugrul S=F6ylemez. > -- > Security is the one concept, which makes things in your life stay as > they are. Otto is a man, who is afraid of changes in his life; so > naturally he does not employ security.
On Jul 9, 2:08 pm, "s. keeling" wrote: > wong_po...@yahoo.ca : > > How to generate a password string to be used by the useradd command? > > e.g. If I want my password to be "zxASqw12", then what should the > > parameter of the "useradd test -p" command be? > The manpage says that's the encrypted password as returned from > crypt. I see there's something called mcrypt to replace crypt, so > maybe: > useradd test -p `mcrypt zxASqw12` # > However, useradd's default is to leave the account disabled, meaning > the user will have to change the password before they'll be allowed > in. If you didn't use something as obvious as "test" for the > username, that might be the way to go. > -- > Any technology distinguishable from magic is insufficiently advanced. > (*) http://www.spots.ab.ca/~keeling Linux Counter #80292 > - - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.
If the user will have to change the password before they'll be allowed in, then will the original password be overwritten before it is used?
> > > How to generate a password string to be used by the useradd command? > > > e.g. If I want my password to be "zxASqw12", then what should the > > > parameter of the "useradd test -p" command be? > > > Why don't you just use the `passwd' utility? > I want to execute useradd in a script.
So what? Use both in the script.
Regards, Ertugrul S=C3=B6ylemez.
-- Security is the one concept, which makes things in your life stay as they are. Otto is a man, who is afraid of changes in his life; so naturally he does not employ security.
Wong_powah@yahoo.ca wrote: > On Jul 9, 2:08 pm, "s. keeling" wrote: >> wong_po...@yahoo.ca : >>>> How to generate a password string to be used by the useradd command? >>> e.g. If I want my password to be "zxASqw12", then what should the >>> parameter of the "useradd test -p" command be? >> The manpage says that's the encrypted password as returned from >> crypt. I see there's something called mcrypt to replace crypt, so >> maybe: >>> useradd test -p `mcrypt zxASqw12` # >> However, useradd's default is to leave the account disabled, meaning >> the user will have to change the password before they'll be allowed >> in. If you didn't use something as obvious as "test" for the >> username, that might be the way to go. >>> -- >> Any technology distinguishable from magic is insufficiently advanced. >> (*) http://www.spots.ab.ca/~keeling Linux Counter #80292 >> - - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me. > If the user will have to change the password before they'll be allowed > in, then will the original password be overwritten before it is used?
There's a bit more to it than this. If you look at the manpage for mcrypt, you'll see you need a bunch of parameters, and it's not on my machine anyway. I would suggest better way is to write a wrapper around the crypt function, see the section 3 man page for crypt. You also need to generate a "salt", which is just a random string to help add some strength to the algorithm. Doing this with your chosen password above yields this string as one possibility: $1$WpHFiwYg$K8edj5oHulcaYWMq4SNX1. (Note that the period at the end of the string happens to be part of the string, not punctuation. Also beware of the $'s when passing this string through the shell.)
I don't think you have to worry about changing the password by the user--as far as I can tell from the man page, useradd only disables the account when the password isn't provided.
Having said all that, wouldn't it be easier to follow the earlier suggestion, which was to add the user with useradd and then use passwd to set the password?
On Jul 10, 11:36 pm, Steve Sentoff wrote: > wong_po...@yahoo.ca wrote: > > On Jul 9, 2:08 pm, "s. keeling" wrote: > >> wong_po...@yahoo.ca : > >>> How to generate a password string to be used by the useradd command? > >>> e.g. If I want my password to be "zxASqw12", then what should the > >>> parameter of the "useradd test -p" command be? > >> The manpage says that's the encrypted password as returned from > >> crypt. I see there's something called mcrypt to replace crypt, so > >> maybe: > >> useradd test -p `mcrypt zxASqw12` # > >> However, useradd's default is to leave the account disabled, meaning > >> the user will have to change the password before they'll be allowed > >> in. If you didn't use something as obvious as "test" for the > >> username, that might be the way to go. > >> -- > >> Any technology distinguishable from magic is insufficiently advanced. > >> (*) http://www.spots.ab.ca/~keeling Linux Counter #80292 > >> - - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me. > > If the user will have to change the password before they'll be allowed > > in, then will the original password be overwritten before it is used? > There's a bit more to it than this. If you look at the manpage for > mcrypt, you'll see you need a bunch of parameters, and it's not on my > machine anyway. I would suggest better way is to write a wrapper around > the crypt function, see the section 3 man page for crypt. You also need > to generate a "salt", which is just a random string to help add some > strength to the algorithm. Doing this with your chosen password above > yields this string as one possibility: > $1$WpHFiwYg$K8edj5oHulcaYWMq4SNX1. > (Note that the period at the end of the string happens to be part of the > string, not punctuation. Also beware of the $'s when passing this > string through the shell.) > I don't think you have to worry about changing the password by the > user--as far as I can tell from the man page, useradd only disables the > account when the password isn't provided. > Having said all that, wouldn't it be easier to follow the earlier > suggestion, which was to add the user with useradd and then use passwd > to set the password? > -- > Steve
I add the user with useradd and then use passwd to set the password.
# useradd -m -G users,wheel -s /bin/bash operator4 # passwd operator4 Changing password for user operator4. New UNIX password: Retype new UNIX password: passwd: all authentication tokens updated successfully.
Message de S. Keeling (keeling@nucleus.com) (09 Juillet 2007)
Linux Counter #80292
