LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   I can't make 'useradd' work (https://www.linuxquestions.org/questions/slackware-14/i-cant-make-useradd-work-807024/)

lucmove 05-10-2010 02:49 PM
I can't make 'useradd' work
 
Code:
useradd -u 8001 -g luc -p mypassword -s /usr/bin/bash -d /home/luc luc
Open another terminal:
Code:
luc[159-0]test> ssh luc@61.62.63.64
luc@61.62.63.64's password:
Permission denied, please try again.
luc@61.62.63.64's password:
Permission denied, please try again.
luc@61.62.63.64's password:
Permission denied (publickey,password,keyboard-interactive).
Try again:
# userdel luc
# adduser
(answer all the questions...)

Jump back to the other terminal... Try SSH login... Success!

'adduser' works, 'useradd' doesn't. Why? I have read the man pages several times and can't find the error in my command line.

I have a similar problem with groupadd

This fails:
groupadd -g 8001 staff

This works:
groupadd staff

why?!

TIA

acid_kewpie 05-10-2010 02:52 PM
-p takes an encrypted password, not a plaintext passwd. It needs to be the exact md5 / sha hash that goes into /etc/shadow.

lucmove 05-10-2010 09:09 PM
Do you know how I can obtain that hash? I really wish I could automate this entire procedure...

'man useradd' says that -p specifies "the encrypted password, as returned by crypt(3)." There is no 'crypt' command or package, neither on Ubuntu nor on Slackware. I assume some other package or library provides that command, but the man page won't say what it is. That would be too helpful for a man page, which must be against the rules or something. ;)

custangro 05-10-2010 09:24 PM
Quote:
Originally Posted by lucmove (Post 3964075)
Do you know how I can obtain that hash? I really wish I could automate this entire procedure...

'man useradd' says that -p specifies "the encrypted password, as returned by crypt(3)." There is no 'crypt' command or package, neither on Ubuntu nor on Slackware. I assume some other package or library provides that command, but the man page won't say what it is. That would be too helpful for a man page, which must be against the rules or something. ;)
mcrypt is the Linux version of crypt ...

You can also do...

Code:
root@host# echo "password" ¦ md5sum
To get the hash...there is also a sha1sum command as well

lucmove 05-11-2010 09:11 PM
Well, I'm trying to get by on my own but haven't made much progress. To wit:

- I created the account with adduser, which works, then I checked what the encrypted password is in /etc/shadow. Then I ran echo "password" ¦ md5sum like you suggested. In fact, I tried that long before I got your reply. The output of that command does not match the encrypted password in /etc/shadow. I didn't try just md5sum, I also tried it with shasum, sha1sum, and all the other sha[1-9]*sum commands I have here, for good measure. None of those output the same encrypted password I have in /etc/shadow.

- I downloaded the mcrypt package, so now I have the mcrypt command. But I can't figure out how to use it to obtain the same encrypted password I can use in /etc/shadow. Mcrypt, in good Linux tradition, makes the whole task at hand a lot more difficult than it could have been. It refuses to output to the terminal so I can see the darn output and compare with the encrypted password I already have. So I redirect it to a file, which turns out to be binary and gets all garbled with 'cat'.

Can someone please enlighten me? This is getting really tiresome. I just want to use one damn option in one damn command, I am sick of going through all this trouble because of one line in my 80-line script.

TIA

bgeddy 05-11-2010 09:56 PM
I'm not sure about getting the crypt() result of a password but how about a workaround. Just create your user without supplying the password then add a line to the script to change the password like this :
Code:
useradd -u 8001 -g luc -s /usr/bin/bash -d /home/luc luc
echo "luc:mypassword" | chpasswd
That will do the same as your original one liner adding the user and adding the password.

custangro 05-11-2010 10:12 PM
Quote:
Originally Posted by lucmove (Post 3965212)
Well, I'm trying to get by on my own but haven't made much progress. To wit:

- I created the account with adduser, which works, then I checked what the encrypted password is in /etc/shadow. Then I ran echo "password" ¦ md5sum like you suggested. In fact, I tried that long before I got your reply. The output of that command does not match the encrypted password in /etc/shadow. I didn't try just md5sum, I also tried it with shasum, sha1sum, and all the other sha[1-9]*sum commands I have here, for good measure. None of those output the same encrypted password I have in /etc/shadow.

- I downloaded the mcrypt package, so now I have the mcrypt command. But I can't figure out how to use it to obtain the same encrypted password I can use in /etc/shadow. Mcrypt, in good Linux tradition, makes the whole task at hand a lot more difficult than it could have been. It refuses to output to the terminal so I can see the darn output and compare with the encrypted password I already have. So I redirect it to a file, which turns out to be binary and gets all garbled with 'cat'.

Can someone please enlighten me? This is getting really tiresome. I just want to use one damn option in one damn command, I am sick of going through all this trouble because of one line in my 80-line script.

TIA
instead of trying to pass the -p to the useradd command...why don't you add one more line to your 80 line script?

Code:
echo "password" ¦ passwd --stdin username
Just a thought

Richard Cranium 05-11-2010 11:44 PM
Quote:
Originally Posted by lucmove (Post 3965212)
Well, I'm trying to get by on my own but haven't made much progress. To wit:

- I created the account with adduser, which works, then I checked what the encrypted password is in /etc/shadow. Then I ran echo "password" ¦ md5sum like you suggested. In fact, I tried that long before I got your reply. The output of that command does not match the encrypted password in /etc/shadow. I didn't try just md5sum, I also tried it with shasum, sha1sum, and all the other sha[1-9]*sum commands I have here, for good measure. None of those output the same encrypted password I have in /etc/shadow.

- I downloaded the mcrypt package, so now I have the mcrypt command. But I can't figure out how to use it to obtain the same encrypted password I can use in /etc/shadow. Mcrypt, in good Linux tradition, makes the whole task at hand a lot more difficult than it could have been. It refuses to output to the terminal so I can see the darn output and compare with the encrypted password I already have. So I redirect it to a file, which turns out to be binary and gets all garbled with 'cat'.

Can someone please enlighten me? This is getting really tiresome. I just want to use one damn option in one damn command, I am sick of going through all this trouble because of one line in my 80-line script.

TIA
"man 3 crypt" tells you how the password is generated. It isn't an md5 hash of the input string.

bgeddy 05-12-2010 09:55 AM
Quote:
Do you know how I can obtain that hash? I really wish I could automate this entire procedure...
I have been looking into the crypt function and have made a little python script that takes the password as a command line argument and returns the encrypted password. Here it is:-
Code:
#!/usr/bin/python
import sys,crypt,random,string
def salt(chars = string.letters + string.digits):
        return random.choice(chars) + random.choice(chars)

if len(sys.argv) != 2:
        print "Error in command line"
        exit(1)
print crypt.crypt(sys.argv[1],salt())
If you create a script file with this, for example tpwd.py, and make it executable you may run your original one liner to add a user, (from the directory tpwd.py is in), like this :
Code:
useradd -u 8001 -g luc -p $(./tpwd.py mypassword) -s /usr/bin/bash -d /home/luc luc
and the user will be created with the supplied password.

acid_kewpie 05-12-2010 10:50 AM
well you can use the chpasswd tool to do this seperately, which does take in a plain text password. You can also feed chpasswd a single file / stdin stream of user:password lines and it'll do them all in one go.


All times are GMT -5. The time now is 03:30 PM.