Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have an ubuntu virtual server (Hardy) with ProFTPD 1.3.1 Server (Debian) installed and running correctly, however when i add a new user using the command:
Code:
# useradd -m -d /home/ftp/ -p password username
I cannot ftp into the account, it says i have an incorrect password. I need to be able to use the -p switch as otherwise i would have to give public users access to the passwd command which is obviously a great security risk. using useradd poses a lot less risk!
If i do use the passwd command then everything works as expected
now adduser as normal point to desire home path
but shell user as /usr/bin/passwd
the advantage,
1)user can have ftp home login
2)user able to change pass login with ssh
- because when user ssh to the system , system only ask for
- to change password , with no others facility
#!/usr/bin/perl
use strict;
my $SALT='$1$FSE8ha32RarD$';
open(USERLIST, "userlist") or die "Failed to open userlist file\n";
while(<USERLIST>){
my($user, $pass, $other)=split(/ /, $_);
my $enc_pass=crypt($pass, $SALT);
# system("/etc/sbin/useradd -p $enc_pass $user");
print("/etc/sbin/useradd -p $enc_pass $user\n");
}
This was to create multiple users from a Text file, but could easily be modified for your own use.
now adduser as normal point to desire home path
but shell user as /usr/bin/passwd
the advantage,
1)user can have ftp home login
2)user able to change pass login with ssh
- because when user ssh to the system , system only ask for
- to change password , with no others facility
cheers
Thanks for the reply routers and i would do as you suggest if it were possible, however the users who this is being aimed at will not want to or be able to ssh into the server at all, it is only for ftp access! The form is filled out on a web page, checked and verified, then they are given an ftp only account. Since it is a web app php/apache has to run the command, the security holes of allowing php/apache to have access to passwd is too great, whereas allowing it to create a new user as long as all info is properly screened is a lot less so. Hence the reason i need to get the --password switch to work on the useradd command!
If you or anybody else could help me understand why the --password switch does not work as it should (afaik). As far as i understand the man pages, the password switch is supposed to enable the account using that password, but it seems to be ignoring it completely and using the default setting of disabling the account until passwd is used!
The -p option for useradd is for passing an encrypted password.
This means that you should be typing something like:
Code:
useradd -p $1$easthgaGA$tes2b4426436y username
Rather than:
Code:
useradd -p mypassword username
Thanks a lot Disillusionist i will try this solution next, and thanks for the sample code!
Quote:
Are you scripting the user creation? If not, is it that much work to run passwd as a second phase to the user creation?
As i replied to Router, the issue is that this is running as a web app php/apache and the security implications of allowing the webserver run passwd is just too great. I am able to give sudo access to the webserver for specific commands, but i don't want to give it that one as some malicious person of ill intent / granny with a keyboard could change root passwords etc.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
