[Chicago-talk] accessing NIS password

Richard Reina richard at rushlogistics.com
Thu Mar 9 07:59:53 PST 2006 

Darren,
 
 Thank you very much for the reply.  Unfortunately, for me I am running linux which appears to use MD5 and a complicated salt that has me stumped.
 
 So far I've tried:
 
 #MD5 salt
 my @chars = ('a'..'z','A'..'Z','0..9','.');
 
 for (1..8) {
     $MD5salt .= $chars[int(rand(scalar(@chars)))];
 }

 my $tpass = crypt($plainfromuser, '$1$' . $MD5salt);
 
 unix_MD5_crypt($plainfromuser, '$1$' . $MD5salt) also gives me the same result (string)
 
 while $tpass does match $passwd in length (number of characters) the string is vastly different and as a result does not match.
 
 Any additional help would be greatly appreciated.
 
 Thanks, again for the help thus far.
 
"Young, Darren" <Darren.Young at ChicagoGSB.edu> wrote: 
Use the getpw* (getpwnam) functions to return the user's password entry,
if your name service switch is configured correctly it'll return the
entry regardless of location.

You MUST have the encrypted first to perform the comparision. This is
also assuming you're password is in crypt format and not something else
(MD5, etc). If it is crypt, take the first 2 characters to get the salt
then re-crypt() the plain from the user with that salt. Once that's done
just string compare the 2, if they match, the password was correct,
else, it was wrong.

>>>

my $username = 'foo';
my $plainfromuser = 'hispass';
my $currentsalt;

my ($name, $passwd, $uid, $gid, $quota, $comment, 
 $gcos, $dir, $shell) = getpwnam($username);

$currentsalt = substr($passwd,0,2);

my $tpass = crypt($plainfromuser, $currentsalt);

if ( $tpass eq $passwd ) {
    print "good\n";
} else {
    print "bad\n";
}

Just tried that on my NIS enabled Solaris 8 system and it worked.



 
 I am trying to write a script that prompts a user ( that is
already logged in ) for his password when he runs certain perl
applications.  I am able to write the part that prompts the user for the
password with "no echo" however I have no idea how to compare the entry
to his password especially since we use NIS and thus the passwords are
not on the local machine but on the server ( on the same LAN).  Can
anyone provide any help on how I would compare the entry against the NIS
password?
 
 Thanks in advance,
 
 Richard
 
 
 A people that values its privileges above its principles soon
loses both.
 -Dwight D. Eisenhower.

_______________________________________________
Chicago-talk mailing list
Chicago-talk at pm.org
http://mail.pm.org/mailman/listinfo/chicago-talk



A people that values its privileges above its principles soon loses both.
 -Dwight D. Eisenhower.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pm.org/pipermail/chicago-talk/attachments/20060309/555e8c0e/attachment.html

More information about the Chicago-talk mailing list