opening accounts from a non-root account ..
Peter Holzer
hp at vmars.tuwien.ac.at
Fri Jun 14 02:22:34 AEST 1991
lubkt at spectrum.CC.Lehigh.EDU (Binod K. Taterway) writes:
>All of this works fine for root; but -F option of passwd(1) does not
>work with non-root. So, I thought I might get around by generating
>encrypted password in the first place.
Good idea.
>Here begins my journey to the wonderous land of crypt(3), login(1),
>DES, and a host of other programs. I realize crypt cannot generate
>initial encrypted password because it doesn't have the right seed. Let
>EPW be the encrypted password of the clear-text password, PW. Then,
> EPW = crypt(PW, EPW)
>The second parameter of crypt is the seed: if the seed is same as EPW,
>then the result of crypt is same EPW. This is what is presumably used
>by login programs to validate a user.
>But, my problem is to generate EPW without initial seed.
The manual [crypt(3), makekey(8)] states that the salt are two
characters from the set [A-Za-z0-9./]. The salt is stored together with
the password so we can just use some random salt:
[...]
char saltchars [] = "AB...YZab...yz0123456789./";
char salt[2];
srand ((int)(time ((time_t *)0) + getpid()));
salt[0] = saltchars[rand() % 64];
salt[1] = saltchars[rand() % 64];
epw = crypt(pw, salt);
[...]
--
| _ | Peter J. Holzer | Think of it |
| |_|_) | Technical University Vienna | as evolution |
| | | | Dept. for Real-Time Systems | in action! |
| __/ | hp at vmars.tuwien.ac.at | Tony Rand |
More information about the Comp.unix.wizards
mailing list