generate a password string to be used by the useradd command
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I tried
perl -e 'print crypt("sec!urXw12", "salt"),"\n"'
perl -e 'print crypt("sec!urXw12", "op"),"\n"'
perl -e 'print crypt("sec!urXw12", "mo"),"\n"'
However, the passwords generated by perl or openssl did not work on another computer.
Is there a better to generate encrypted password to be used by the useradd command?
Do not use this to create a user for anyone except yourself! (Will have same password as root!)
If you botch the "/etc/shadow" file, you may not be able to log in at all, even as root!
Remove the user from your previous attempts (if a user was created successfully).
Create the new user without using the -p option. (The user's account will be disabled until you complete the rest of these steps, unless you have configured your system to not require users to have passwords.)
Use "touch" to create a textfile where you can easily find it (like your "/root" directory).
Copy "/etc/shadow" to that new file, so now they have the same content.
Open the new file in your favorite editor, and copy root's password hash to where the new user's password hash needs to go.
Check very closely that you copied that whole hash and nothing but the hash!
Copy this file back to "/etc/shadow", overwriting the original.
Reboot and try to log in as the new user, with the same password you use to log in as root.
Quote:
root@darkstarlogin~#: userdel -r myusername
root@darkstarlogin~#: useradd -m myusername
root@darkstarlogin~#: touch /root/userPassword.txt
root@darkstarlogin~#: cp /etc/shadow /root/userPassword.txt
root@darkstarlogin~#: nano -w /root/userPassword.txt (Proceed to edit by copying the root user's password hash to where the new user's hash needs to go, erasing the "!" if there is one there. Nano happens to be the editor I prefer. Make sure to DOUBLE-CHECK your changes, and SAVE THE CHANGES before you exit the editor!)
root@darkstarlogin~#: cp /root/userPassword.txt /etc/shadow (Now, REBOOT and LOG IN as new user; use THE SAME PASSWORD YOU DO FOR ROOT!)
I think that it might be an idea to test the hashing function you use on your own password and then compare with the /etc/shadow entry. Part of the problem may be if you have any extra characters added such as \n.
Determine whether MD5 or another algorythm is used to hash passwords. Also, you may have changed what is used, so check out which hashing algorithm is used before proceeding.
cat /etc/default/passwd
# This file contains some information for
# the passwd (1) command and other tools
# creating or modifying passwords.
# Define default crypt hash. This hash will be
# used, if there is no hash for a special service
# the user is stored in.
# CRYPT={des,md5,blowfish}
CRYPT=md5
# Use another crypt hash for group passwowrds.
# This is used by gpasswd, fallback is the CRYPT entry.
# GROUP_CRYPT=des
# We can override the default for a special service
# by appending the service name (FILES, YP, NISPLUS, LDAP)
# for local files, use a more secure hash. We
# don't need to be portable here:
CRYPT_FILES=blowfish
# sometimes we need to specify special options for
# a hash (variable is prepended by the name of the
# crypt hash).
BLOWFISH_CRYPT_FILES=10
# For NIS, we should always use DES:
CRYPT_YP=des
Determine whether MD5 or another algorythm is used to hash passwords. Also, you may have changed what is used, so check out which hashing algorithm is used before proceeding. Pikashow ppsspp emulator
Last edited by mannubahti95; 07-06-2023 at 05:41 AM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.