On Mon, Dec 01, 2003 at 09:19:51AM +0100, Dariush Pietrzak wrote: > > try to login with 'user' via ftp (using the newly created shadow file), > ftp deamons usually provide command for creating passwd files, proftpd: > ftpasswd, muddleftpd: mudpasswd. > > > user:$apr1$DlJ9I...$E8VL0rjQKdl1pVgH2q10C. > > user:$1$NR.fOvEF$.hOr7l7msiIfz6sP4l0yS/ > Even with the same tools passwds wont match: > pokurcz:/tmp# passwd oracle > Enter new UNIX password: > Retype new UNIX password: > passwd: password updated successfully > pokurcz:/tmp# grep oracle /etc/shadow > oracle:$1$wRhm9QF5$3r41IcRFn0P/PO5Yg5VqK/:12387:0:99999:7::: > pokurcz:/tmp# passwd oracle > Enter new UNIX password: > Retype new UNIX password: > passwd: password updated successfully > pokurcz:/tmp# grep oracle /etc/shadow > oracle:$1$IEy1afpX$6F5lP3Axj8nA0s639qz441:12387:0:99999:7::: > > And that was the same password.
> > > So my question is, that is it possible to create passwords for a shadow > > file with a command line tool? > You could use PAM for that - create pam setting with alternative location > for files, and point your passwd to that pam ( /etc/pam.d/passwd ). > But in general, I'd like to hear the answer to that question. > use mkpasswd from whois package: mkpasswd --hash=md5 monpass here is the result $1$YHxt6uZp$3gYVC2rkikn0eKQaYncpo/ you can use it as the "crypted" password for your command (like useradd -p '$1$YHxt6uZp$3gYVC2rkikn0eKQaYncpo/' user1 Info: the value between $1$ and $ is the salt, when the user enter is passwd, the system crypt it with the salt in the shadow file for this login, like this: mkpasswd --hash=md5 --salt=YHxt6uZp monpass and compare it with the stored md5 pass ... if it's the same ... the user is authenticated. the salt is a random string generated at the time you create the "md5" pass. -- Emmanuel Lacour ------------------------------------ Easter-eggs 44-46 rue de l'Ouest - 75014 Paris - France - Métro Gaité Phone: +33 (0) 1 43 35 00 37 - Fax: +33 (0) 1 41 35 00 76 mailto:[EMAIL PROTECTED] - http://www.easter-eggs.com