0

I'm useing linux command useradd and I have problem. I crypted password and add user but not put all pass like:

Password: 7856

Encrypted password: $1$ky6XlX5g$mu6Wva/vTJgZF9.p8tyAq/

Example: useradd -m -p '$1$ky6XlX5g$mu6Wva/vTJgZF9.p8tyAq/' username

I look to shadow file and not all password saved, just a slice of encrypted password.

Saved peace: /vTJgZF9.p8tyAq/

I need exactly command: useradd -m -p

altdovydas
  • 33
  • 3
  • You mention you are using PHP. Are you sure that your system isn't trying to evaluate `$ky6XlX5g` as if it was a variable? – Zoredache Aug 20 '11 at 18:51

3 Answers3

2

This may solve your particular problem...

#!/bin/bash
# Script to add a user to Linux system
if [ $(id -u) -eq 0 ]; then
    read -p "Enter username : " username
    read -s -p "Enter password : " password
    egrep "^$username" /etc/passwd >/dev/null
    if [ $? -eq 0 ]; then
        echo "$username exists!"
        exit 1
    else
        pass=$(perl -e 'print crypt($ARGV[0], "password")' $password)
        useradd -m -p $pass $username
        [ $? -eq 0 ] && echo "User has been added to system!" || echo "Failed to add a user!"
    fi
else
    echo "Only root may add a user to the system"
    exit 2
fi
tagram
  • 86
  • 3
  • I need to know my error reason, it good script but I need like my example. Meabe it impossible? – altdovydas Aug 20 '11 at 15:09
  • There are many reasons your method is failing, namely the way crypt() works. – tagram Aug 20 '11 at 15:19
  • your method is failing most likely due to useradd decrypting the encrypted password and re-encrypting it silently. this is expected behavior with useradd, so to accomplish your goal, you will need a script like the one I posted. It's a simple bash script which you can put in a plain text file and call it from any other application or script if you mark it executable and place it somewhere in your $PATH – tagram Aug 20 '11 at 15:21
  • how modify this scritp that I can execute like ./add.sh username password? sorry I just scripting in php... – altdovydas Aug 20 '11 at 15:31
  • 1
    create a new empty file, copy the script EXACTLY as it appears and save the file. This script will then be run ./scriptname it will then prompt you for a username and password. In php you can include some expect logic, or change the bash script to accept command line parameters. – tagram Aug 20 '11 at 15:35
  • @tagram, passwords are hashed, not encrypted. You cannot decrypt them. – Zoredache Aug 20 '11 at 18:45
  • The same problem since this post. I useing this script, some passwords are saved in half... What a problem I do not understand. – altdovydas Sep 24 '11 at 10:11
1

You mention you are using PHP and SSH. Are you sure that your system isn't trying to evaluate $ky6XlX5g as if it was a variable? Both PHP and Bash use this syntax, perhaps you haven't properly escaped the command you are sending via SSH.

I ask this because I just ran your command on my local system and it seems to work exactly like it should. I suspect something else is happening, and the command is not actually being passed correctly.

root@hostname:# useradd -m -p '$1$ky6XlX5g$mu6Wva/vTJgZF9.p8tyAq/' username
root@hostname:# grep username /etc/shadow
username:$1$ky6XlX5g$mu6Wva/vTJgZF9.p8tyAq/:15206:0:99999:7:::
root@hostname:~
Zoredache
  • 130,897
  • 41
  • 276
  • 420
  • And I tryed with putty program but it same error like ssh2... tagram script is good solution in my way. Maybe you don't get because your local system... – altdovydas Aug 22 '11 at 09:01
-1

I think you have to decrypt it before adding. Maybe u can use a python script to do that. You can substitute the compression technique below with your encryption technique : 

import zlib
import os

def useradd(pass_string,username):
    password=zlib.decompress(pass_string)
    os.system('useradd -m -p'+password+' '+username)

useradd('x\x9c3\xb705\x03\x00\x02(\x00\xdb',username)

You can arrive at that parse string by just typing python on you command line, and in the interpreter you can type

import zlib
zlib.compress('7856')

This will output 

'x\x9c3\xb705\x03\x00\x02(\x00\xdb'

Hope it is clear. You can just substitute the zlib compression with your encryption technique.

sethu
  • 371
  • 3
  • 16