swordfish --- a password generator Post: 302507014

Sponsored Content

Special Forums Cybersecurity swordfish --- a password generator Post 302507014 by Perderabo on Tuesday 22nd of March 2011 02:18:42 PM

03-22-2011

Administrator Emeritus

Quote:

Originally Posted by ArcAngel

Hi,

I use your tool on Solaris 10, only i get this error.

[machine:user]$ ./swordfish
>>}###@>---- format +s +x 10
./swordfish[39]: !X0 && !X1 && !X2 && !X3 && !X4 && !Carry : bad number
password statistics are on
password expansions are on
10 passwords will be generated per template

Opps! Sorry ArcAngel, I had not noticed your report before. Better late than never I guess. Smilie

There is no X4, it only goes up to X3. The fix was to remove "!X4 && " from that line. Actually, it's odd that the script ran everywhere else.

I have recently been ordered to use 12 character randomly generated passwords that meet strong complexity requirements. That is why I have dusted off this old script. I need it badly right now. Ironically, I want to to run on Solaris just like ArcAngel. I also tested it on RedHat and it broke on the latest ksh. I had to change my character slicing technique to get it work. I used to do stuff like this:

Code:

first=${x%${x#?}}

to get the first character. That breaks depening on the contents of the field. That had always been the case but it breaks more easily with today's ksh. I switched to

Code:

        first=$x
        while ((${#first} > 1 )) ; do
               first=${first%?}
        done

which works all the time and it much faster than it looks. I upgraded the help system a little, corrected spelling errors, etc. I had to reverse engineer my own code so I upgraded the comments quite a bit as well. It saved me from needed to memorize a string of garbage from a lesser password generator. I hope others can use it as well.

This User Gave Thanks to Perderabo For This Post:

Perderabo

View Public Profile for Perderabo

Find all posts by Perderabo

7 More Discussions You Might Find Interesting

1. Cybersecurity

Password Generator

I need a great Password Generator program. I looked at a few of them, but none of them seemed to be what I wanted. So I have decided to write my own. (That's the cool thing about being a programmer....I always get what I want in software :) ) Do you have any password generators that you...

2. UNIX for Dummies Questions & Answers

date generator

Is there a command to generate the unix date that is in theshadow file?>?

3. Shell Programming and Scripting

time generator

Hi experts, I'd like to generate the table/file containing: number of milliseconds elapsed since midnight till midnight. It should contain 5 columns (hours minutes seconds milliseconds): Table will have theoretically 86 400 000 rows. My question is , is there somewhere the file or source...

4. Shell Programming and Scripting

Sequence generator

Thanks Guys This really helped

5. UNIX for Beginners Questions & Answers

Password generator with user inputs

Hi, I am new to bash scripting and i wanted to make a bash script that will generate a password for a user. The user must enter his/her name and the url of the site the password is used for. And the script will generate a password with those two elements in the password. So if the url is...

6. Shell Programming and Scripting

Random Password generator with 2 digits and 6 characters

I am using the below to random generate a password but I need to have 2 numeric characters and 6 alphabetic chars head /dev/urandom | tr -dc A-Za-z0-9 | head -c 8 ; echo '' 6USUvqRB ------ Post updated at 04:43 PM ------ Any Help folks - Can the output be passed onto a sed command to...

7. Forum Support Area for Unregistered Users & Account Problems

Password sent via reset password email is 'weak' and won't allow me to change my password

I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login. Following the provided link I attempted to update my password to one of my own...

LEARN ABOUT ULTRIX

passwd

passwd(1) General Commands Manual passwd(1)

Name
passwd - create or change password

Syntax
passwd [-aefs] [name]

Description
The command lets you or the superuser change your password. When you enter the command, the program prompts you for the old password and
then for the new password. Next, the program asks you for the new password again, to verify that you have typed it correctly. Note that
the passwords are not displayed on the screen.

Your new password must meet the length requirements specified by the superuser. To review these requirements, refer to the file. (This is
a read-only file.)

If your system is running with increased security, you may have to choose a password from a list of randomly generated passwords, or you
may need authorization to change your password. At higher security levels, you may be prohibited from changing your password until its
minimum lifetime has expired, as specified in the Authorization Database.

If you are running the BIND/Hesiod service, your password will be updated automatically on the server.

Options
-a Supply a list of randomly generated passwords. (See the Examples section.)

-e Use an extended protocol when communicating with a prompter program. As a result, the standard input and output (used by is sent to
this program.

-f Change the finger information, not the password. The finger program provides information about current ULTRIX users, such as login and
terminal name, idle time and office location.

-s Change the login shell of the password file, not the password entry.

Restrictions
If you use a hardcopy terminal, you must destroy all print outs of valid passwords.

Examples
The following example illustrates the -a option, which displays a list of randomly generated passwords and their suggested pronunciation
with hyphens. The hyphens delineate the syllables of the passwords:
passwd -a abcd
Changing password for abcd

Here are some suggested passwords:

ryegd ryeg-di
aswurku a-swurk-u
ryedok ryed-ok
teleccs tel-ec-cos
wahislas wa-hi-slas

Enter new password:

Diagnostics
Password must be at least 6 characters long, password unchanged
Your password does not meet the minimum length requirement specified in

Warning: Only the first 8 characters of the password are significant
Your password exceeds the maximum length requirement specified in

Permission denied
You do not have the privilege to change your password. The minimum lifetime has not expired.

Password is not different enough, unchanged
Your new password must be different from your old password.

Password must be different than logname, and not resemble previous password
Your new password must be different from your login name.

Verification failed, password unchanged
You misspelled the verification of your new password.

Files
Password file

Authorization data base directory

Authorization data base page

Data base service selection and security configuration file
Only the superuser and members of the group can access the and files.

See Also
chfn(1), chsh(1), finger(1), login(1), shexp(1), yppasswd(1yp), passwd(5yp), edauth(8), vipw(8)
Guide to System Environment Setup
Security Guide for Users
Security Guide for Administrators
"Password Security: A Case History", Supplementary Documents, Volume 3: System Manager

passwd(1)