PWDAUTH() PWDAUTH()
NAME
pwdauth - password authentication program
SYNOPSIS
/usr/lib/pwdauth
DESCRIPTION
Pwdauth is a program that is used by the crypt(3) function to do the hard work. It is a setuid root utility so that it is able to read the
shadow password file.
Pwdauth expects on standard input two null terminated strings, the password typed by the user, and the salt. That is, the two arguments of
the crypt function. The input read in a single read call must be 1024 characters or less including the nulls. Pwdauth takes one of two
actions depending on the salt.
If the salt has the form "##user" then the user is used to index the shadow password file to obtain the encrypted password. The input
password is encrypted with the one-way encryption function contained within pwdauth and compared to the encrypted password from the shadow
password file. If equal then pwdauth returns the string "##user" with exit code 0, otherwise exit code 2 to signal failure. The string
"##user" is also returned if both the shadow password and the input password are null strings to allow a password-less login.
If the salt is not of the form "##user" then the password is encrypted and the result of the encryption is returned. If salt and password
are null strings then a null string is returned.
The return value is written to standard output as a null terminated string of 1024 characters or less including the null.
The exit code is 1 on any error.
SEE ALSO crypt(3), passwd(5).
NOTES
A password must be checked like in this example:
pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0);
The second argument of crypt must be the entire encrypted password and not just the two character salt.
AUTHOR
Kees J. Bot (kjb@cs.vu.nl)
PWDAUTH()
Check Out this Related Man Page
CRYPT(3) Library Functions Manual CRYPT(3)NAME
crypt, setkey, encrypt - DES encryption
SYNOPSIS
char *crypt(key, salt)
char *key, *salt;
setkey(key)
char *key;
encrypt(block, edflag)
char *block;
DESCRIPTION
Crypt is the password encryption routine. It is based on the NBS Data Encryption Standard, with variations intended (among other things)
to frustrate use of hardware implementations of the DES for key search.
The first argument to crypt is a user's typed password. The second is a 2-character string chosen from the set [a-zA-Z0-9./]. The salt
string is used to perturb the DES algorithm in one of 4096 different ways, after which the password is used as the key to encrypt repeat-
edly a constant string. The returned value points to the encrypted password, in the same alphabet as the salt. The first two characters
are the salt itself.
The other entries provide (rather primitive) access to the actual DES algorithm. The argument of setkey is a character array of length 64
containing only the characters with numerical value 0 and 1. If this string is divided into groups of 8, the low-order bit in each group
is ignored, leading to a 56-bit key which is set into the machine.
The argument to the encrypt entry is likewise a character array of length 64 containing 0's and 1's. The argument array is modified in
place to a similar array representing the bits of the argument after having been subjected to the DES algorithm using the key set by
setkey. If edflag is 0, the argument is encrypted; if non-zero, it is decrypted.
SEE ALSO passwd(1), passwd(5), login(1), getpass(3)BUGS
The return value points to static data whose content is overwritten by each call.
CRYPT(3)
Hello All,
I have an application user (INFORMIX). This is a system user. It runs processes That I am unaware of. I need to discover the user's password. I can't change it, because it will affect the processes it's runnig. Is there a utility that will allow me to 'su' to that user from root... (3 Replies)
Hi,
Is there a way of executing encrypted files? I have encrpyted files using vi and crypt, but when I execute the encrypted file, it takes the contents literally (special characters, junk - encrpyted format).
Kind Regards,
Kawah (4 Replies)
We are currently using a script to copy the same encrypted password between our HP-UX and Solaris servers editing the trusted and shadow files directly. The encrypted password is only 13 characters long on both servers and decrypts the same way. Is there a way to copy this same string to Linux... (5 Replies)
Hi All,
I have the file in the following format.I need to change the password "tomcat","admin","mgr" and "testing" in the file with the encrypted passwords.
The encrypted passwords are given to me by another script.
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role... (22 Replies)
Hi.
I want to write a C Program that get a user name and password , then compare it with encrypted password in /etc/shadow.
I start with below program:
#define _XOPEN_SOURCE
#include <stdio.h>
#include <time.h>
#include <unistd.h>
#include <crypt.h>
int main (void)
{
char... (7 Replies)
Hi
I have a password stored in a file (which is a user input)
The password is having the special character $
say the password is pw$ord and is stored in the file pw_note
I am using the following statement to store the passowrd in a
variable
$schema_pwd = `cat $dir/pwd_note` ;
Now if i print... (4 Replies)
I need to encrypt a ".txt" file with password settings and it should decrypt the file automatoically when end user types correct password.
Can some one help me on this.
Thank you (3 Replies)
This is the source code:
#include <pwd.h>
#include <iostream>
#include <string.h>
using namespace std;
int main()
{
struct passwd *user;
char login="alex", password="qwertyuiop";
if ((user= getpwnam(login)) == NULL)
cout << "No such user\n";
else if... (24 Replies)
Hi,
I am new to shell scripting.
script should accept the user value and then compare that value with the null.
If null then assign the value "*" to the variable else will use the user inputed value.
How to do this ?
With Regards (3 Replies)
Today i was going through some of security guides written on linux .
Under shadow file security following points were mentioned.
1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.
2)Usernames in shadow file must satisfy to all the same rules as... (14 Replies)
i have an application that uses the encrypted password that's in the /etc/shadow file.
i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios.
this application allowed that... (5 Replies)
Greetings All
I have a specific use case: for the deployment of a standard AIX Golden Image via mksysb, I have been requested to set the root user password to NULL with forced change on first login. Currently the admins need to remember when the Golden Image mksysb was created to calculate the... (5 Replies)
Hi Team
I have created some time back a user called "iuser"
but I am not able to login with it. I am getting below error.
# su - iuser
su: user iuser does not exist
tried to unlock the user still get same error
# pam_tally2 -u iuser -r
pam_tally2: pam_get_uid; no such user iuser... (7 Replies)