[Dovecot] adding users to passwd-file
Is there a tool equivalent to the system "passwd" command (or maybe "adduser" or "useradd") that can support a passwd-file by setting a password, encrypting it with the salted MD5 scheme? The system "passwd" command doesn't have an option to "do it to this alternate file instead of /etc/shadow".
Phil Howard <ttiphil@gmail.com> (Mo 26 Apr 2010 22:31:45 CEST):
Some people use „htpasswd“, but there not password scheme is coded into the password hash.
It's not clear what you're seeking - some tool for generating the hashed string (e.g. „openssl passwd -1 "$cleartext"“) or some tool for managing the entries in the (dovecot) password file.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann-- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann HS12-RIPE ----------------------------------------- gnupg encrypted messages are welcome - key ID: 48D0359B --------------- gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B -
On Mon, Apr 26, 2010 at 4:38 PM, Heiko Schlittermann <hs@schlittermann.de>wrote:
I left it vague to handle some variety. Something to add/delete users is nice. Something to change password in place is nice. Something that given a user and plain text password and everything else Dovecot needs when using it as userdb, and would output to stdout the line contents that would go into the file, would do the job.
I want to avoid re-inventing the wheel. If there are no wheels, I guess I'll just look up the salted-MD5 format details and do it.
On Mon, April 26, 2010 1:46 pm, Phil Howard wrote:
Here's a little perl script you can start with for creating the MD5 salted password (slightly modified from something I found on the net a couple of years ago):
#!/usr/bin/perl -wl use strict;
use Crypt::PasswdMD5 qw(unix_md5_crypt); my @salt = ( '.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z' );
take clear-text password as argument:
my $password = shift || die "usage: $0 password";
my %encrypted;
generate md5 password
$encrypted{md5} = unix_md5_crypt( $password, gensalt(8) );
print "$_ $encrypted{$_}" for sort keys %encrypted;
uses global @salt to construct salt string of requested length
sub gensalt { my $count = shift;
my $salt; for (1..$count) { $salt .= (@salt)[rand @salt]; }
return $salt; }
You will need to have the Crypt::PasswdMD5 perl module installed to use this.
Bill
Where can I find documentation on this command? There is no "man dovecotpw" installed, and searching for "dovecotpw" on the wiki gives 4 pages that mention its existance.
Just executing the command with no options gives a password prompt that cannot be broken out of (had to kill from another terminal). The -h and -l options give some info, but not enough to plan how to integrate this into building the passdb/userdb. For example how to reference the appropriate file.
marconi/root/x0 /root 72# /usr/sbin/dovecotpw -h
On Mon, Apr 26, 2010 at 5:16 PM, Mike Abbott <michael.abbott@apple.com>wrote:
Is there a tool equivalent to the system "passwd" command
The dovecotpw command may be a good place to start.
participants (4)
-
Bill Landry
-
Heiko Schlittermann
-
Mike Abbott
-
Phil Howard