Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have a task to change users password and send the email to them on a VPN box.The issues I am having is that some password created has special characters that linux has issues variablizing
I don't know what is an error system qq, but you can't set a password by echoing into standard input of the passwd program. passwd reads from the tty, not standard input (exception: see below).
As above, the how to set the password is something you need to look into further, but as for your special characters, if you simply exclude double quotes you can store what you like in the password
or if you want to get tricky you could simply escape all special characters
If I had a time machine I'd go find the first person to use this stupid term "special characters" and take appropriate measures to stop them. All characters can be special. :@
Anyway, if certain symbols are causing problems, just don't use them - length matters more - a random 20 character alphanumeric-only string is more secure than a 15 character string that includes symbols.
(Also, any passwords/codes sent over email should be one-time use only, requiring users to specify their own password when they login.)
I don't know what is an error system qq, but you can't set a password by echoing into standard input of the passwd program. passwd reads from the tty, not standard input (exception: see below).
Thanks for your reply, but I have always done this :
Code:
echo -e "Ch@g3me\nCh@g3me" | passwd mock
Changing password for user mock.
New password: BAD PASSWORD: is too simple
Retype new password: passwd: all authentication tokens updated successfully.
But this isn't the issue since I have changed that block for the one below:
Code:
open my $pipe, '|chpasswd' or die "can't open pipe: $!";
print {$pipe} "$username:$newpassword";
close $pipe;
But still issue is that there are certain special characters that wont work well into a variable.
i.e '122SDfe$%"' or '122SDfe$%\' and I am not sure if there are other characters that would do the same so instead of testing every special character, I just want to choose from a few like my script below but I want it to always use a special character
As above, the how to set the password is something you need to look into further, but as for your special characters, if you simply exclude double quotes you can store what you like in the password
or if you want to get tricky you could simply escape all special characters
Nah the directive is that, special characters must always be used. I did also do that using sed
Code:
$newpassword =~ s/"//g;
$newpassword =~ s/'//g;
but then my manager tested and said it seems that other characters may cause an issue
Today I learned that I has a misconception about the passwd program. It does read from stdin.
Your language doesn't look like shell; Perl perhaps? In any case, putting characters like $ and \ into a double-quoted string in a shell program requires quoting them. Instead, this works:
Code:
$ { echo $p; echo $p
> }
122SDfe$%\
122SDfe$%\
$ { echo $p; echo $p
> } | sudo passwd bla
Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
The ">" is a prompt, by the way.
Last edited by berndbausch; 01-31-2020 at 11:38 AM.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by boughtonp
If I had a time machine I'd go find the first person to use this stupid term "special characters" and take appropriate measures to stop them. All characters can be special. :@
Anyway, if certain symbols are causing problems, just don't use them - length matters more - a random 20 character alphanumeric-only string is more secure than a 15 character string that includes symbols.
(Also, any passwords/codes sent over email should be one-time use only, requiring users to specify their own password when they login.)
Whilst the security of the password versus the specific characters used is debatable what is not debatable is that any password should be able to use any valid characters. Input validation and flexibility should just be there.
Today I learned that I has a misconception about the passwd program. It does read from stdin.
Your language doesn't look like shell; Perl perhaps? In any case, putting characters like $ and \ into a double-quoted string in a shell program requires quoting them. Instead, this works:
Code:
$ { echo $p; echo $p
> }
122SDfe$%\
122SDfe$%\
$ { echo $p; echo $p
> } | sudo passwd bla
Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
The ">" is a prompt, by the way.
Yea, its perl. Thanks for your help though, but I need it to work in a script as a variable, so e.g
Code:
$pass= '@#@1232^?\'
wont work, and this is just an example which would be easy, but if you remember, my script has a password generator, so it'd just be easier to amalgamate some text with characters I want and then get a pssword.
Sorry, to me Perl is the last frontier, and I have not dared yet penetrating its philosophy. Thus I don't know if and how Perl variables and Perl strings behave differently than shell ones. Surely there are ways to quote special characters? Perhaps your problem comes from your code outputting the same variable twice with a single echo command - how about issuing two echos as I did in the shell snippet?
which passes the command to the filehandle STATUS after setting that to STDOUT (which it usually is, by default, but I took that snippet from a program that's also writing to a file)
You appear to be double quoting a string containing double quotes, which I wouldn’t expect to work. I suspect that’s the cause of the error.
If you're quoting the entire command, you shouldn't need to do anything about quoting the variable at all.
The contents of the variable shouldn't matter.
Thank you for still trying to assist. But my issue is not perl related atm. I am just trying to get this bash to work and then I can port it over into perl code if needed
Thank you for still trying to assist. But my issue is not perl related atm. I am just trying to get this bash to work and then I can port it over into perl code if needed
When I say work, I mean trying to get the script to always print values with a special character, is that possible?
Sorry, but I don't understand this code. Still looks like Perl to me, and I simply don't know this language. If it's Bash, it's syntax I have never seen. What command or function is my? Also, I know of printf, but not print. What are all the at signs?
Last edited by berndbausch; 02-01-2020 at 12:45 AM.
... what is not debatable is that any password should be able to use any valid characters. Input validation and flexibility should just be there.
Absolutely - the poorly worded point I was trying to make was that a generated password doesn't need to increase it's character set size from 62 items to 96 items in order to be secure.
It's not uncommon to see generated codes in the format "aaaa-aaaa-aaaa-aaaa" (where each "a" is a randomly selected alphabetical letter or numerical digit) and that is sufficiently secure.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.