PWDAUTH() PWDAUTH()
NAME
pwdauth - password authentication program
SYNOPSIS
/usr/lib/pwdauth
DESCRIPTION
Pwdauth is a program that is used by the crypt(3) function to do the hard work. It is a setuid root utility so that it is able to read the
shadow password file.
Pwdauth expects on standard input two null terminated strings, the password typed by the user, and the salt. That is, the two arguments of
the crypt function. The input read in a single read call must be 1024 characters or less including the nulls. Pwdauth takes one of two
actions depending on the salt.
If the salt has the form "##user" then the user is used to index the shadow password file to obtain the encrypted password. The input
password is encrypted with the one-way encryption function contained within pwdauth and compared to the encrypted password from the shadow
password file. If equal then pwdauth returns the string "##user" with exit code 0, otherwise exit code 2 to signal failure. The string
"##user" is also returned if both the shadow password and the input password are null strings to allow a password-less login.
If the salt is not of the form "##user" then the password is encrypted and the result of the encryption is returned. If salt and password
are null strings then a null string is returned.
The return value is written to standard output as a null terminated string of 1024 characters or less including the null.
The exit code is 1 on any error.
SEE ALSO crypt(3), passwd(5).
NOTES
A password must be checked like in this example:
pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0);
The second argument of crypt must be the entire encrypted password and not just the two character salt.
AUTHOR
Kees J. Bot (kjb@cs.vu.nl)
PWDAUTH()
Check Out this Related Man Page
CRYPT(3) Library Functions Manual CRYPT(3)NAME
crypt - one-way password encryption function
SYNOPSIS
#define _MINIX_SOURCE 1
#include <unistd.h>
char *crypt(const char *key, const char *salt)
DESCRIPTION
The first use of crypt() is to encrypt a password. Its second use is to authenticate a shadow password. In both cases crypt() calls
pwdauth(8) to do the real work.
Crypt() encrypts a password if called with a user typed key, and a salt whose first two characters are in the set [./0-9A-Za-z]. The
result is a character string in the [./0-9A-Za-z] alphabet of which the first two characters are equal to the salt, and the rest is the
result of encrypting the key and the salt.
If crypt() is called with a salt that has the form ##user then the key is encrypted and compared to the encrypted password of user in the
shadow password file. If they are equal then crypt() returns the ##user argument, if not then some other string is returned. This trick
assures that the normal way to authenticate a password still works:
if (strcmp(pw->pw_passwd, crypt(key, pw->pw_passwd))) ...
If key is a null string, and the shadow password is a null string or the salt is a null string then the result equals salt. (This is
because the caller can't tell if a password field is empty in the shadow password file.)
The key and salt are limited to 1024 bytes total including the null bytes.
FILES
/usr/lib/pwdauth The password authentication program
SEE ALSO getpass(3), getpwent(3), passwd(5), pwdauth(8).
NOTES
The result of an encryption is returned in a static array that is overwritten by each call. The return value should not be modified.
AUTHOR
Kees J. Bot (kjb@cs.vu.nl)
CRYPT(3)
Hello All,
I have an application user (INFORMIX). This is a system user. It runs processes That I am unaware of. I need to discover the user's password. I can't change it, because it will affect the processes it's runnig. Is there a utility that will allow me to 'su' to that user from root... (3 Replies)
Hi,
Is there a way of executing encrypted files? I have encrpyted files using vi and crypt, but when I execute the encrypted file, it takes the contents literally (special characters, junk - encrpyted format).
Kind Regards,
Kawah (4 Replies)
We are currently using a script to copy the same encrypted password between our HP-UX and Solaris servers editing the trusted and shadow files directly. The encrypted password is only 13 characters long on both servers and decrypts the same way. Is there a way to copy this same string to Linux... (5 Replies)
Hi All,
I have the file in the following format.I need to change the password "tomcat","admin","mgr" and "testing" in the file with the encrypted passwords.
The encrypted passwords are given to me by another script.
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role... (22 Replies)
Hi.
I want to write a C Program that get a user name and password , then compare it with encrypted password in /etc/shadow.
I start with below program:
#define _XOPEN_SOURCE
#include <stdio.h>
#include <time.h>
#include <unistd.h>
#include <crypt.h>
int main (void)
{
char... (7 Replies)
Hi
I have a password stored in a file (which is a user input)
The password is having the special character $
say the password is pw$ord and is stored in the file pw_note
I am using the following statement to store the passowrd in a
variable
$schema_pwd = `cat $dir/pwd_note` ;
Now if i print... (4 Replies)
I need to encrypt a ".txt" file with password settings and it should decrypt the file automatoically when end user types correct password.
Can some one help me on this.
Thank you (3 Replies)
This is the source code:
#include <pwd.h>
#include <iostream>
#include <string.h>
using namespace std;
int main()
{
struct passwd *user;
char login="alex", password="qwertyuiop";
if ((user= getpwnam(login)) == NULL)
cout << "No such user\n";
else if... (24 Replies)
Hi,
I am new to shell scripting.
script should accept the user value and then compare that value with the null.
If null then assign the value "*" to the variable else will use the user inputed value.
How to do this ?
With Regards (3 Replies)
Today i was going through some of security guides written on linux .
Under shadow file security following points were mentioned.
1)The encrypted password stored under /etc/shadow file should have more than 14-25 characters.
2)Usernames in shadow file must satisfy to all the same rules as... (14 Replies)
i have an application that uses the encrypted password that's in the /etc/shadow file.
i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios.
this application allowed that... (5 Replies)
Greetings All
I have a specific use case: for the deployment of a standard AIX Golden Image via mksysb, I have been requested to set the root user password to NULL with forced change on first login. Currently the admins need to remember when the Golden Image mksysb was created to calculate the... (5 Replies)
Hi Team
I have created some time back a user called "iuser"
but I am not able to login with it. I am getting below error.
# su - iuser
su: user iuser does not exist
tried to unlock the user still get same error
# pam_tally2 -u iuser -r
pam_tally2: pam_get_uid; no such user iuser... (7 Replies)