[Chicago-talk] accessing NIS password

Jess Balint jbalint at gmail.com
Fri Mar 10 16:59:29 PST 2006

I would say, first, make sure the hashed password is returned and not 'x'
(shadow). Then, check out this page:




Should have enough details.


Jess Balint



From: chicago-talk-bounces+jbalint=gmail.com at pm.org
[mailto:chicago-talk-bounces+jbalint=gmail.com at pm.org] On Behalf Of Richard
Sent: Friday, March 10, 2006 9:06 AM
To: Chicago.pm chatter
Subject: Re: [Chicago-talk] accessing NIS password


Dear Darren,

I still stumped and under increasing pressure to get this figured out.  I
know it's not a lot of money, but for a $100 would it be worth your while to
help me out.


"Young, Darren" <Darren.Young at ChicagoGSB.edu> wrote:

Use the getpw* (getpwnam) functions to return the user's password entry,
if your name service switch is configured correctly it'll return the
entry regardless of location.

You MUST have the encrypted first to perform the comparision. This is
also assuming you're password is in crypt format and not something else
(MD5, etc). If it is crypt, take the first 2 characters to get the salt
then re-crypt() the plain from the user with that salt. Once that's done
just string compare the 2, if they match, the password was correct,
else, it was wrong.


my $username = 'foo';
my $plainfromuser = 'hispass';
my $currentsalt;

my ($name, $passwd, $uid, $gid, $quota, $comment, 
$gcos, $dir, $shell) = getpwnam($username);

$currentsalt = substr($passwd,0,2);

my $tpass = crypt($plainfromuser, $currentsalt);

if ( $tpass eq $passwd ) {
print "good\n";
} else {
print "bad\n";

Just tried that on my NIS enabled Solaris 8 system and it worked.

I am trying to write a script that prompts a user ( that is
already logged in ) for his password when he runs certain perl
applications. I am able to write the part that prompts the user for the
password with "no echo" however I have no idea how to compare the entry
to his password especially since we use NIS and thus the passwords are
not on the local machine but on the server ( on the same LAN). Can
anyone provide any help on how I would compare the entry ag ainst the NIS

Thanks in advance,


A people that values its privileges above its principles soon
loses both.
-Dwight D. Eisenhower.

Chicago-talk mailing list
Chicago-talk at pm.org

A people that values its privileges above its principles soon loses both.
-Dwight D. Eisenhower.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pm.org/pipermail/chicago-talk/attachments/20060311/845a7ac8/attachment.html

More information about the Chicago-talk mailing list