Date: Sat, 15 Aug 2020 20:49:11 +0200 From: Polytropon <freebsd@edvax.de> To: Grzegorz Junka <list1@gjunka.com> Cc: freebsd-questions@freebsd.org Subject: Re: Verify user password Message-ID: <20200815204911.7007deca.freebsd@edvax.de> In-Reply-To: <af84bcef-ceff-4d7f-b012-3ef06e0ed5ec@gjunka.com> References: <af84bcef-ceff-4d7f-b012-3ef06e0ed5ec@gjunka.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 15 Aug 2020 12:39:06 +0000, Grzegorz Junka wrote: > How can I verify if a given password matches the password stored in > master.passwd database for a user account that is set up with > /nonexistent and /usr/sbin/nologin (so a user that can't normally login > to the system but still can have a password stored in the database)? First of all, /nonexistent and /usr/sbin/nologin have different purposes: if after a successful login the user's interactive shell is to be executed, /nonexistent leads to a "cannot find that program to execute, exiting right now" situation, while /usr/sbin/nologin can actually be executed and then displays an error message and exits, terminating the session. See "man 1 login" and "man 1 nologin" for details. Regarding password verification: If you have read access to /etc/master.passwd and the clear text password of a user, you can use the crypt() function to generate the encrypted password, and then compare that. I think that is what you try to do, correct? provided: plain-text password P from somewhere encrypted password E from /etc/master.passwd intended: is crypt(P) == E? approach: P' = crypt(P) test if P' == S This is of course very simplified. :-) See "man 5 passwd" and especially "man 3 crypt" for details. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200815204911.7007deca.freebsd>