|
|
Sponsored Content
Special Forums
Cybersecurity
swordfish --- a password generator
Post 302507014 by Perderabo on Tuesday 22nd of March 2011 02:18:42 PM
03-22-2011
Quote:
Hi,
I use your tool on Solaris 10, only i get this error.
[machine:user]$ ./swordfish
>>}###@>---- format +s +x 10
./swordfish[39]: !X0 && !X1 && !X2 && !X3 && !X4 && !Carry : bad number
password statistics are on
password expansions are on
10 passwords will be generated per template
I use your tool on Solaris 10, only i get this error.
[machine:user]$ ./swordfish
>>}###@>---- format +s +x 10
./swordfish[39]: !X0 && !X1 && !X2 && !X3 && !X4 && !Carry : bad number
password statistics are on
password expansions are on
10 passwords will be generated per template
Opps! Sorry ArcAngel, I had not noticed your report before. Better late than never I guess.
There is no X4, it only goes up to X3. The fix was to remove "!X4 && " from that line. Actually, it's odd that the script ran everywhere else.I have recently been ordered to use 12 character randomly generated passwords that meet strong complexity requirements. That is why I have dusted off this old script. I need it badly right now. Ironically, I want to to run on Solaris just like ArcAngel. I also tested it on RedHat and it broke on the latest ksh. I had to change my character slicing technique to get it work. I used to do stuff like this:
Code:
first=${x%${x#?}}Code:
first=$x
while ((${#first} > 1 )) ; do
first=${first%?}
doneThis User Gave Thanks to Perderabo For This Post:
|
|
7 More Discussions You Might Find Interesting
1. Cybersecurity
I need a great Password Generator program. I looked at a few of them, but none of them seemed to be what I wanted. So I have decided to write my own. (That's the cool thing about being a programmer....I always get what I want in software :) )
Do you have any password generators that you... (13 Replies)
Discussion started by: Perderabo
13 Replies
2. UNIX for Dummies Questions & Answers
Is there a command to generate the unix date that is in theshadow file?>? (2 Replies)
Discussion started by: BG_JrAdmin
2 Replies
3. Shell Programming and Scripting
Hi experts,
I'd like to generate the table/file containing:
number of milliseconds elapsed since midnight till midnight.
It should contain 5 columns (hours minutes seconds milliseconds):
Table will have theoretically 86 400 000 rows.
My question is , is there somewhere the file or source... (7 Replies)
Discussion started by: hernand
7 Replies
4. Shell Programming and Scripting
Thanks Guys
This really helped (5 Replies)
Discussion started by: robert89
5 Replies
5. UNIX for Beginners Questions & Answers
Hi,
I am new to bash scripting and i wanted to make a bash script that will generate a password for a user. The user must enter his/her name and the url of the site the password is used for. And the script will generate a password with those two elements in the password. So if the url is... (0 Replies)
Discussion started by: Kvr123
0 Replies
6. Shell Programming and Scripting
I am using the below to random generate a password but I need to have 2 numeric characters and 6 alphabetic chars
head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 ; echo ''
6USUvqRB
------ Post updated at 04:43 PM ------
Any Help folks - Can the output be passed onto a sed command to... (9 Replies)
Discussion started by: infernalhell
9 Replies
7. Forum Support Area for Unregistered Users & Account Problems
I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login.
Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies
LEARN ABOUT DEBIAN
otpw-gen
OTPW-GEN(1) General Commands Manual OTPW-GEN(1) NAME
otpw-gen - one-time password generator SYNOPSIS
otpw-gen [ options ] DESCRIPTION
OTPW is a one-time password authentication system. It can be plugged into any application that needs to authenticate users interactively. One-time password authentication is a valuable protection against password eavesdropping, especially for logins from untrusted terminals. Before you can use OTPW to log into your system, two preparation steps are necessary. Firstly, your system administrator has to enable it. (This is usually done by configuring your login software (e.g., sshd) to use OTPW via the Pluggable Authentication Module (PAM) configura- tion files in /etc/pam.d/.) Secondly, you need to generate a list of one-time passwords and print it out. This can be done by calling otpw-gen | lpr or something like otpw-gen -h 70 -s 2 | a2ps -1B -L 70 --borders no if more control over the layout is desired. You will be asked for a prefix password, which you need to memorize. It has to be entered immediately before the one-time password. The prefix password reduces the risk that anyone who finds or steals your password printout can use that alone to impersonate you. Each one-time password will be printed behind a three digit password number. Such a number will appear in the password prompt when OTPW has been activated: Password 026: When you see this prompt, enter the memorized prefix password, followed immediately by the one-time password identified by the number. Any spaces within a password have only been inserted to improve legibility and do not have to be copied. OTPW will ignore the difference between the easily confused characters 0O and Il1 in passwords. In some situations, for example if multiple logins occur simultaneously for the same user, OTPW defends itself against the possibility of various attacks by asking for three random passwords simultaneously. Password 047/192/210: You then have to enter the prefix password, followed immediately by the three requested one-time passwords. This fall-back mode is acti- vated by the existence of the lock file ~/.otpw.lock. If it was left over by some malfunction, it can safely be deleted manually. Call otpw-gen again when you have used up about half of the printed one-time passwords or when you have lost your password sheet. This will disable all remaining passwords on the previous sheet. OPTIONS
-h number Specify the total number of lines per page to be sent to standard output. This number minus four header lines determines the number of rows of passwords on each page. The maximum number of passwords that can be printed is 1000. (Minimum: 5, default: 60) -w number Specify the maximum width of lines to be sent to standard output. This parameter determines together with the password length the number of columns in the printed password matrix. (Minimum: 64, default: 79) -s number Specify the number of form-feed separated pages to be sent to standard output. (Default: 1) -e number Specify the minimum entropy of each one-time password in bits. The length of each password will be chosen automatically, such that there are at least two to the power of the specified number possible passwords. A value below 30 might make the pass- words vulnerable to a brute-force guessing attack. If the attacke might have read access to the ~/.otpw file, the value should be at least 48. Paranoid users might prefer long high-security passwords with at least 60 bits of entropy. (Default: 48) -p0 Generate passwords by transforming a random bit string into a sequence of letters and digits, using a form of base-64 encod- ing (6 bits per character). (Default) -p1 Generate passwords by transforming a random bit string into a sequence of English four-letter words, each chosen from a fixed list of 2048 words (2.75 bits per character). -f filename Specify a file to be used instead of ~/.otpw for storing the hash values of the generated one-time passwords. AUTHOR
The OTPW package, which includes the otpw-gen progam, has been developed by Markus Kuhn. The most recent version is available from <http://www.cl.cam.ac.uk/~mgk25/otpw.html>. SEE ALSO
pam(8), pam_otpw(8) 2003-09-30 OTPW-GEN(1)