What encryption does the /etc/shadow file use for passwords?
I am just wondering what encryption method the shadow file uses, so that I may be able to manually change it. I ask this because I am trying to make a web page that will allow people to change their linux password via a browser.
Or if anyone has any better ideas I am open to suggestions. Thanks again. |
Quote:
And I would *NEVER* allow password changes via web page....so many security holes, it's not even funny. That said, it's your call...I'd use the default "passwd" program, and just pass it a string from the web form, and not code your own. |
If you want to supply more information on what your intending to achieve might be able to give a better answer to this question. Are the customer's not able to use SSH for any particular reason?
I would advise that if you have a page that does anything around passwords that you ensure it's using an SSL certificate (ie an https:// page instead of a normal http://). |
Customers can use SSH if they choose, but this is for a uni project, and I am meant to add extra value, one such value being web stuff, file upload, password changing and blog software etc.
How would I pass a string to passwd from a web page? Would it be purely just: - Quote:
|
There is a non-interactive mode for the passwd cmd
echo password | passwd --stdin $USER |
All times are GMT -5. The time now is 05:02 PM. |