Login or Register to Ask a Question and Join Our Community


Shell Programming and Scripting

how to check for valid password

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Shell Programming and Scripting how to check for valid password
# 1  
Old 12-08-2011
how to check for valid password
I need to check if an account has a valid password.

Would something like this work?

Code:
read ACCNAME
if grep -q "^$ACCNAME:\$6:" /etc/shadow; then

I noticed every entry in my shadow file that has a password starts with $6 ... it works for my current setup, but would it always work? I can't test for ^$ACCNAME:*: since !!* is locked and !! has no password.

Thanks!
# 2  
Old 12-08-2011
From man 5 shadow

Code:
...

       encrypted password
           Refer to crypt(3) for details on how this string is interpreted.

           If the password field contains some string that is not a valid
           result of crypt(3), for instance ! or *, the user will not be able
           to use a unix password to log in (but the user may log in the
           system by other means).

           This field may be empty, in which case no passwords are required to
           authenticate as the specified login name. However, some
           applications which read the /etc/shadow file may decide not to
           permit any access at all if the password field is empty.

           A password field which starts with a exclamation mark means that
           the password is locked. The remaining characters on the line
           represent the password field before the password was locked.

...

From man 3 crypt:

Code:
...
   Glibc Notes
       The glibc2 version of  this  function  supports  additional  encryption
       algorithms.

       If  salt is a character string starting with the characters "$id$" fol-
       lowed by a string terminated by "$":

              $id$salt$encrypted

       then instead of using the DES machine,  id  identifies  the  encryption
       method  used  and  this  then  determines  how the rest of the password
       string is interpreted.  The following values of id are supported:

              ID  | Method
              ---------------------------------------------------------
              1   | MD5
              2a  | Blowfish (not in mainline glibc; added in some
                  | Linux distributions)
              5   | SHA-256 (since glibc 2.7)
              6   | SHA-512 (since glibc 2.7)

       So   $5$salt$encrypted   is   an   SHA-256   encoded    password    and
       $6$salt$encrypted is an SHA-512 encoded one.

...

      "salt" stands for the up to 16 characters following "$id$" in the salt.
       The encrypted part of the password string is the actual computed  pass-
       word.  The size of this string is fixed:

       MD5     | 22 characters
       SHA-256 | 43 characters
       SHA-512 | 86 characters

       The  characters  in  "salt"  and  "encrypted"  are  drawn  from the set
       [a-zA-Z0-9./].  In the MD5 and SHA implementations the  entire  key  is
       significant (instead of only the first 8 bytes in DES).

...

So don't look for !*, look for anything except [0-9a-zA-Z./$] in that field
# 3  
Old 12-08-2011
What would be my best approach right now since I want to search for something that starts with

Code:
"^$ACCNAME:"

and doesn't end with

Code:
[0-9a-zA-Z./$]

but from what I see that's for the second field only.
# 4  
Old 12-08-2011
"^${ACCNAME}:[^0-9a-zA-Z./\$]" ?
This User Gave Thanks to Corona688 For This Post:
ADay2Long
# 5  
Old 12-09-2011
I forgot that if it didn't match it means that there is indeed a password. Forgive my noobiness!

Still working on my grasp of regexs.

Thanks for your help Corona688!
Last edited by ADay2Long; 12-09-2011 at 12:36 AM.. Reason: spelling...
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Check for valid hostnames

Hello, I am trying to develop a script to check for valid hostnames. Below are the prerequisites for a valid hostname which I got from wiki : Hostnames are composed of series of labels concatenated with dots, as are all domain names. For example, "en.wikipedia.org" is a hostname. Each label... (8 Replies)
Discussion started by: rahul2662
8 Replies

2. Shell Programming and Scripting

Check if time format is valid

How can I validate if time (HH:MM:SS) argument is valid? I got this from web but I can't modify it to exit the script if the time argument is invalid. echo $1 | awk -F ':' '{ print ($1 <= 23 && $2 <= 59 && $3 <= 59) ? "good" : "bad" }' ex: ./script.ksh 12:34:21 = okay ./script.ksh... (10 Replies)
Discussion started by: erin00
10 Replies

3. Shell Programming and Scripting

Check if a string is a valid timestamp in UNIX.

Hi all, I have date and time value in a string, I want to check if it is a valid date and time. Need help on this. Thanks (7 Replies)
Discussion started by: Pratiksha Mehra
7 Replies

4. Shell Programming and Scripting

Need a script to check if an argument is valid shell variable

I need a script that should print 'yes' if the argument is a valid shell variable name else 'No' if it is not a valid shell variable. A valid one begins with an alphabet or percentage (%) character and is followed by zero or more alphanumberic or percentage (%) characters. For example: $... (6 Replies)
Discussion started by: pingiliarjun
6 Replies

5. Shell Programming and Scripting

How to check the user input to be valid using shell script?

How to check the user input to be valid using shell script? The valid input is in the format like as follows. 1. It can only have r,w,x or a hyphen and nothing else. 2. ensure the r, w, x are in the correct order. for example: rwxr-xr-x is a valid format. Thanks (5 Replies)
Discussion started by: hyeewang
5 Replies

6. UNIX for Dummies Questions & Answers

How to check if file contains valid strings?

Hi All, I am a newbie...I would like to have a function which ll check if a file contains valid strings before "=" operator. Just to give you my requirement: assume my file has content: hello= gsdgsd sfdsg sgdsg sgdgdg world= gggg hhhh iiiii xxxx= pppp ppppp pppp my... (5 Replies)
Discussion started by: rtagarra
5 Replies

7. Homework & Coursework Questions

Bash shell - Check if value is valid directory.

1. The problem statement, all variables and given/known data: The script usage will be as follows: library.third source_directory - Your script will display an appropriate error message and exit with status 3 if no parameters are given - Your script will display an appropriate error... (2 Replies)
Discussion started by: netmaster
2 Replies

8. Shell Programming and Scripting

to check whether a directory or filename path is valid or not

the script on excution should take a directory path from useran a numric input and it should check indicate whether its write or not? if the cmmd sh<script-name>,dir/path.<500>" is greater than 500 in size should be copied to dir ,temp in pwd and display the mesage'files of 2000 bytes hav been... (4 Replies)
Discussion started by: arukr
4 Replies

9. Shell Programming and Scripting

Check valid records in really big file with one commend..

Hi, I have a 5 gig file, no record terminators, field terminators are newline. The record length is 768 and I would like to check that every 768th byte is a newline and print out the byte position if it isn't. I would like to do this going either forward or backwards with one command if... (3 Replies)
Discussion started by: vtischuk@yahoo.
3 Replies

10. Shell Programming and Scripting

How to check for a valid numeric input

Hi Folks, I'm using bash script. I would like to check whether input is a number or not.(Only positive numbers).. if space or non numeric is entered, it should say "invalid input". pls help.. thanks in adv. Br/// Vijay. (1 Reply)
Discussion started by: Vijayakumarpc
1 Replies
Login or Register to Ask a Question