info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

password generation


From: Beachey, Kendric
Subject: password generation
Date: Wed, 2 Jan 2002 12:37:54 -0600

A few people have recently been asking about CVS user administration and
password generation for the pserver access method, so I thought it might be
time to repost this...

Here are the perl scripts I've been using for cvs password maintenance.  You
may need to adjust the first line to point to your copy of perl.  The first
script adds a new user to your cvs passwd file, using their username as the
initial password.  The second script changes a user's cvs password.  They're
not the greatest solution, I'm sure, but maybe they'll give you an idea for
something better.


--------8<--- cut here ---8<-------------------
#!/usr/bin/perl
#
# addcvsuser <username>
#
# Adds a new user to the cvs passwd file, using the user's name as the
# initial password.
#
# ASSumption:
# this script needs to live in the CVSROOT directory, next door to the cvs
passwd file.
#
# Shortcoming:
# initial password is lame.
 
# grab username from command line
my $username = shift;
 
# generate encrypted password
srand (time());
my $randletter = "(int (rand (26)) + (int (rand (1) + .5) % 2 ? 65 : 97))";
my $salt = sprintf ("%c%c", eval $randletter, eval $randletter);
my $crypttext = crypt ($username, $salt);
my $newpasswdline = sprintf ("%s:%s:%s", $username, $crypttext, "cvs");
 
# Check to see that user doesn't already exist
open (PASSWD, "passwd");
while (<PASSWD>)
{
        split (/:/);
        die ("User $username already exists.\n") if (@_[0] eq $username);
}
close (PASSWD);
 
# Add user's line to passwd file
open (PASSWD, ">>passwd");
print PASSWD "${newpasswdline}\n";
close (PASSWD);
--------8<--- cut here ---8<-------------------
#!/usr/bin/perl
#
# chcvspasswd <username> <newpassword>
#
# ASSumption:
# this script needs to live in your CVSROOT directory, next door to the cvs
passwd file.
#
# Shortcomings:
# 1) your password is typed on the command line, so someone else might see
it.
# 2) you're not required to prove your identity.
# 3) you don't have to know your old password to change it.
 
# Grab username and password from command line
my $username = shift;
my $newpasswd = shift;
 
# Generate encrypted password
srand (time());
my $randletter = "(int (rand (26)) + (int (rand (1) + .5) % 2 ? 65 : 97))";
my $salt = sprintf ("%c%c", eval $randletter, eval $randletter);
my $crypttext = crypt ($newpasswd, $salt);
 
# Find the user's line in the passwd file and change it
open (PASSWD, "passwd");
 
my $found = "no";
my $top = "";
my $middle = "";
my $bottom = "";
 
while (<PASSWD>)
{
        chop;
        split (/:/);
        my $loopuser = @_[0];
        my $looppasswd = @_[1];
        my $loopsysuser = @_[2];
 
        # Not everyone in the world mimics a system user.
        $loopsysuser = ":" . $loopsysuser unless ($loopsysuser eq "");
 
        my $tempstring = sprintf ("%s:%s%s\n", $loopuser, $looppasswd,
$loopsysuser);
 
        if ($loopuser ne $username)
        {
                if ($found eq "no")
                {
                        $top .= $tempstring;
                }
                else
                {
                        $bottom .= $tempstring;
                }
        } # end if loopuser ne username
        else
        {
                $found = "yes";
                $tempstring = sprintf ("%s:%s%s\n", $username, $crypttext,
$loopsysuser);
                $middle = $tempstring;
        }
} # end while PASSWD
 
# Bail out if the user doesn't exist
die ("User $username does not exist.\n") if ($found eq "no");
 
close (PASSWD);
 
# Rewrite the passwd file with the change
open (PASSWD, ">passwd");
print PASSWD ($top);
print PASSWD ($middle);
print PASSWD ($bottom);
--------8<--- cut here ---8<-------------------

Kendric Beachey



reply via email to

[Prev in Thread] Current Thread [Next in Thread]