On Mon, April 26, 2010 1:46 pm, Phil Howard wrote:
On Mon, Apr 26, 2010 at 4:38 PM, Heiko Schlittermann <hs@schlittermann.de>wrote:
Some people use htpasswd, but there not password scheme is coded into the password hash.
It's not clear what you're seeking - some tool for generating the hashed string (e.g. openssl passwd -1 "$cleartext") or some tool for managing the entries in the (dovecot) password file.
I left it vague to handle some variety. Something to add/delete users is nice. Something to change password in place is nice. Something that given a user and plain text password and everything else Dovecot needs when using it as userdb, and would output to stdout the line contents that would go into the file, would do the job.
I want to avoid re-inventing the wheel. If there are no wheels, I guess I'll just look up the salted-MD5 format details and do it.
Here's a little perl script you can start with for creating the MD5 salted password (slightly modified from something I found on the net a couple of years ago):
#!/usr/bin/perl -wl use strict;
use Crypt::PasswdMD5 qw(unix_md5_crypt); my @salt = ( '.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z' );
# take clear-text password as argument: my $password = shift || die "usage: $0 password";
my %encrypted;
# generate md5 password $encrypted{md5} = unix_md5_crypt( $password, gensalt(8) );
print "$_ $encrypted{$_}" for sort keys %encrypted;
# uses global @salt to construct salt string of requested length sub gensalt { my $count = shift;
my $salt; for (1..$count) { $salt .= (@salt)[rand @salt]; }
return $salt; }
You will need to have the Crypt::PasswdMD5 perl module installed to use this.
Bill