Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
11-16-2005, 09:19 AM
|
#1
|
|
Senior Member
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Arch
Posts: 1,374
Rep: 
|
verifying a login w/ /etc/shadow
I am writing a web-interface program that needs users to logon. I want any user on the system to be able to log on if they are a member of a specific group. What I need to know is how the passwords are encrypted into /etc/shadow. I thought it was md5, but trying 'echo "thepassword" | md5sum' did not return the same encrypted form as the one I see in /etc/shadow.
MY question: what program do I pass the plaintext form of the password to to obtain the encrypted form I would use to compare w/ the one in /etc/shadow for logins.
|
|
|
|
|
11-17-2005, 08:12 AM
|
#2
|
|
Moderator
Registered: May 2001
Posts: 29,417
|
Your question should be: "I understand I should not try and invent the wheel again, especially since tried and tested methods exist. So please explain how I can use the standard Linux authentication framework (PAM) to it's full advantage."
//Moderator note: this thread should go to /Programming, since it's a coding issue, not a security issue.
|
|
|
|
|
11-17-2005, 08:39 AM
|
#3
|
|
Senior Member
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Arch
Posts: 1,374
Original Poster
Rep:
|
ok, so do I move the thread or do you? and also I am not looking for a way to code it, I am looking for a command I can run...
|
|
|
|
|
11-17-2005, 09:21 AM
|
#4
|
|
Member
Registered: Oct 2004
Posts: 229
Rep:
|
check if you have a checkpassword command, if you don't. Check http://checkpasswd-pam.sourceforge.net/ for an improved version of it. |
|
|
|
|
11-17-2005, 01:20 PM
|
#5
|
|
Senior Member
Registered: Aug 2003
Location: Portland, Oregon
Distribution: Arch
Posts: 1,374
Original Poster
Rep:
|
ok, I installed check-password not check-password-pam, I am not using pam. I run checkpassword and it just exits... I try --help and it just exits, I type man checkpassword and it says no entry... how do I use it?
|
|
|
|
All times are GMT -5. The time now is 07:46 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
